Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2021-40700

    Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User inter... Read more

    Affected Products : macos windows premiere_elements
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-1332

    Multiple cross-site request forgery (CSRF) vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to perform unspecified restricted actions in the context of certain accounts by bypassing the client-side protection scheme.... Read more

    Affected Products : eportfolio
    • Published: Mar. 07, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1344

    Multiple buffer overflows in src/ezstream.c in Ezstream before 0.3.0 allow remote attackers to execute arbitrary code via a crafted XML configuration file processed by the (1) urlParse function, which causes a stack-based overflow and the (2) ReplaceStrin... Read more

    Affected Products : icecast_ezstream ezstream
    • Published: Mar. 08, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-36078

    Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is require... Read more

    Affected Products : windows bridge
    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-36011

    Adobe Illustrator version 25.2.3 (and earlier) is affected by a potential Command injection vulnerability when chained with a development and debugging tool for JavaScript scripts. An unauthenticated attacker could leverage this vulnerability to achieve a... Read more

    Affected Products : windows illustrator
    • Published: Aug. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-35997

    Adobe Premiere Pro version 15.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the c... Read more

    Affected Products : premiere_pro windows
    • Published: Aug. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-1252

    Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained from th... Read more

    Affected Products : mail_security
    • Published: Mar. 03, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1253

    Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for Blender 0.1.9h, as used in (b) Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted (1) KML or (2) KMZ file.... Read more

    Affected Products : blender
    • Published: Mar. 03, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1197

    Multiple unspecified vulnerabilities in Epiware before 4.7.5 have unknown impact and attack vectors, possibly related to cross-site scripting (XSS) and other unspecified issues.... Read more

    Affected Products : epiware
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-30969

    A path handling issue was addressed with improved validation. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Processing a maliciously crafted URL may cause unexpected JavaScript execution from a file on disk.... Read more

    Affected Products : macos mac_os_x
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-1193

    Multiple unspecified vulnerabilities in the Login page in OrangeHRM before 20070212 have unknown impact and attack vectors.... Read more

    Affected Products : orangehrm
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-30869

    A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 12.5.5, iOS 14.4 and iPadOS 14.4, macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, Security Update 2021-006 Catalina. A ma... Read more

    Affected Products : macos mac_os_x iphone_os ipados
    • Actively Exploited
    • Published: Aug. 24, 2021
    • Modified: Mar. 13, 2025

  • 9.3

    HIGH
    CVE-2021-30672

    A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to gain root privileges.... Read more

    Affected Products : macos mac_os_x
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-1092

    Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize hook o... Read more

    Affected Products : firefox seamonkey
    • Published: Feb. 26, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-28603

    Adobe After Effects version 18.2 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the contex... Read more

    Affected Products : windows after_effects
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-28595

    Adobe Dimension version 3.4 (and earlier) is affected by an Uncontrolled Search Path Element element. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of thi... Read more

    Affected Products : macos windows dimension
    • Published: Aug. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2023-49079

    Misskey is an open source, decentralized social media platform. Misskey's missing signature validation allows arbitrary users to impersonate any remote user. This issue has been patched in version 2023.11.1-beta.1.... Read more

    Affected Products : misskey
    • Published: Nov. 29, 2023
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-1037

    Stack-based buffer overflow in News File Grabber 4.1.0.1 and earlier allows remote attackers to execute arbitrary code via a .nzb file with a long subject field. NOTE: the provenance of this information is unknown; the details are obtained solely from th... Read more

    Affected Products : news_file_grabber
    • Published: Feb. 21, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1041

    Multiple stack-based buffer overflows in S&H Computer Systems News Rover 12.1 Rev 1 allow remote attackers to execute arbitrary code via a .nzb file with a long (1) group or (2) subject string.... Read more

    Affected Products : news_rover
    • Published: Feb. 21, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1018

    PHP remote file inclusion vulnerability in tpl/header.php in VirtualSystem VS-News-System 1.2.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter. NOTE: the provenan... Read more

    Affected Products : vs-news-system
    • Published: Feb. 21, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 294836 Results