Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2018-4920

    Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.... Read more

    • Published: May. 19, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-4456

    A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6, macOS Mojave 10.14.... Read more

    Affected Products : mac_os_x
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-5859

    Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted feed: URL that triggers memory corruption.... Read more

    Affected Products : mac_os_x safari
    • Published: Dec. 19, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2018-4344

    A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Actively Exploited
    • Published: Apr. 03, 2019
    • Modified: Feb. 28, 2025

  • 9.3

    HIGH
    CVE-2018-4336

    A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-4243

    An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlis... Read more

    Affected Products : mac_os_x iphone_os watchos apple_tv
    • Published: Jun. 08, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2023-45133

    Babel is a compiler for writingJavaScript. In `@babel/traverse` prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of `babel-traverse`, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution ... Read more

    • Published: Oct. 12, 2023
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2006-6027

    Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the LoadFile method in an AcroPDF ActiveX control.... Read more

    Affected Products : acrobat_reader
    • Published: Nov. 21, 2006
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2018-17953

    A incorrect variable in a SUSE specific patch for pam_access rule matching in PAM 1.3.0 in openSUSE Leap 15.0 and SUSE Linux Enterprise 15 could lead to pam_access rules not being applied (fail open).... Read more

    Affected Products : leap linux_enterprise linux-pam
    • Published: Nov. 27, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2006-5868

    Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.... Read more

    Affected Products : ubuntu_linux debian_linux imagemagick
    • Published: Nov. 22, 2006
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2018-16046

    Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a... Read more

    • Published: Jan. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2006-5820

    The LinkSBIcons method in the SuperBuddy ActiveX control (Sb.SuperBuddy.1) in America Online 9.0 Security Edition dereferences an arbitrary function pointer, which allows remote attackers to execute arbitrary code via a modified pointer value.... Read more

    Affected Products : aol
    • Published: Apr. 02, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2018-15930

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Oct. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-12846

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Oct. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-12841

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a double free vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Oct. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-5849

    Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow.... Read more

    Affected Products : mac_os_x cups
    • Published: Dec. 19, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2018-0866

    Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripti... Read more

    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2006-5581

    Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Functi... Read more

    Affected Products : internet_explorer
    • Published: Dec. 12, 2006
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2015-2530

    Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a cra... Read more

    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2017-8743

    A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". Thi... Read more

    • Published: Sep. 13, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294759 Results