Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2007-1423

    Multiple PHP remote file inclusion vulnerabilities in WORK system e-commerce 3.0.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the g_include parameter to include/include_top.php and certain other PHP scripts.... Read more

    Affected Products : work_system_e-commerce
    • Published: Mar. 13, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-42527

    Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interact... Read more

    Affected Products : macos windows premiere_elements
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-42526

    Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interact... Read more

    Affected Products : macos windows premiere_elements
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-42271

    Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op... Read more

    Affected Products : animate
    • Published: Nov. 18, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1498

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If... Read more

    Affected Products : office 365_apps excel
    • Published: Aug. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-40764

    Adobe Character Animator version 4.4 (and earlier) is affected by a memory corruption vulnerability when parsing a M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this... Read more

    Affected Products : macos windows character_animator
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-40758

    Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is r... Read more

    Affected Products : windows after_effects
    • Published: Nov. 18, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-40740

    Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability when parsing a M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerab... Read more

    Affected Products : macos windows audition
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-40703

    Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious m4a file, potentially resulting in arbitrary code execution in the context of the current user. User intera... Read more

    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-40700

    Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User inter... Read more

    Affected Products : macos windows premiere_elements
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-1332

    Multiple cross-site request forgery (CSRF) vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to perform unspecified restricted actions in the context of certain accounts by bypassing the client-side protection scheme.... Read more

    Affected Products : eportfolio
    • Published: Mar. 07, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1344

    Multiple buffer overflows in src/ezstream.c in Ezstream before 0.3.0 allow remote attackers to execute arbitrary code via a crafted XML configuration file processed by the (1) urlParse function, which causes a stack-based overflow and the (2) ReplaceStrin... Read more

    Affected Products : icecast_ezstream ezstream
    • Published: Mar. 08, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-36078

    Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is require... Read more

    Affected Products : windows bridge
    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-36011

    Adobe Illustrator version 25.2.3 (and earlier) is affected by a potential Command injection vulnerability when chained with a development and debugging tool for JavaScript scripts. An unauthenticated attacker could leverage this vulnerability to achieve a... Read more

    Affected Products : windows illustrator
    • Published: Aug. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-35997

    Adobe Premiere Pro version 15.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the c... Read more

    Affected Products : premiere_pro windows
    • Published: Aug. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-1252

    Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained from th... Read more

    Affected Products : mail_security
    • Published: Mar. 03, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1253

    Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for Blender 0.1.9h, as used in (b) Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted (1) KML or (2) KMZ file.... Read more

    Affected Products : blender
    • Published: Mar. 03, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1197

    Multiple unspecified vulnerabilities in Epiware before 4.7.5 have unknown impact and attack vectors, possibly related to cross-site scripting (XSS) and other unspecified issues.... Read more

    Affected Products : epiware
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-30969

    A path handling issue was addressed with improved validation. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Processing a maliciously crafted URL may cause unexpected JavaScript execution from a file on disk.... Read more

    Affected Products : macos mac_os_x
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-1193

    Multiple unspecified vulnerabilities in the Login page in OrangeHRM before 20070212 have unknown impact and attack vectors.... Read more

    Affected Products : orangehrm
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 294754 Results