Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2021-1750

    Multiple issues were addressed with improved logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. An application may be able to execute arbi... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2005-3481

    Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibilit... Read more

    Affected Products : ios
    • Published: Nov. 03, 2005
    • Modified: Apr. 03, 2025

  • 9.3

    CRITICAL
    CVE-2018-4048

    An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of the Desktop Galaxy Updater to exploit this vu... Read more

    Affected Products : galaxy
    • Published: May. 30, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-4010

    An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN client 1.5.1. A specially crafted configuration file can cause a privilege escalation, resulting in the ability to execute arbitrary commands with the system'... Read more

    Affected Products : protonvpn
    • Published: Sep. 07, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2018-4008

    An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vuln... Read more

    Affected Products : shimo_vpn
    • Published: Apr. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2025-10365

    The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup netw... Read more

    Affected Products :
    • Published: Sep. 12, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-10364

    The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup netw... Read more

    Affected Products :
    • Published: Sep. 12, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2018-4005

    An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the configureRoutingWithCommand function. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need loc... Read more

    Affected Products : shimo_vpn
    • Published: Apr. 17, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-2219

    Unspecified vulnerability in the Win32 API on Microsoft Windows 2000, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via certain parameters to an unspecified function.... Read more

    • Published: Jun. 12, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    CRITICAL
    CVE-2018-3974

    An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's install directory. An attacker can overwrite an executable that is launched as a system service on boot by default to exploit this vulnerability a... Read more

    Affected Products : galaxy
    • Published: Apr. 02, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2005-2310

    Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE.... Read more

    Affected Products : winamp
    • Published: Jul. 19, 2005
    • Modified: Apr. 03, 2025

  • 9.3

    CRITICAL
    CVE-2023-38686

    Sydent is an identity server for the Matrix communications protocol. Prior to version 2.5.6, if configured to send emails using TLS, Sydent does not verify SMTP servers' certificates. This makes Sydent's emails vulnerable to interception via a man-in-the... Read more

    Affected Products : sydent
    • Published: Aug. 04, 2023
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-8634

    A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory, aka "Microsoft Text-To-Speech Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Window... Read more

    • Published: Dec. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-9973

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file ma... Read more

    Affected Products : macos mac_os_x iphone_os ipados
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-9852

    An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Jun. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-9701

    Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .... Read more

    • Published: Aug. 19, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-9565

    Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .... Read more

    Affected Products : windows bridge
    • Published: Jun. 26, 2020
    • Modified: May. 05, 2025

  • 9.3

    HIGH
    CVE-2020-9555

    Adobe Bridge versions 10.0.1 and earlier version have a stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : windows bridge
    • Published: Jun. 26, 2020
    • Modified: May. 05, 2025

  • 9.3

    HIGH
    CVE-2020-6572

    Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to execute arbitrary code via a crafted HTML page.... Read more

    Affected Products : chrome
    • Actively Exploited
    • Published: Jan. 14, 2021
    • Modified: Mar. 27, 2025

  • 9.3

    HIGH
    CVE-2020-6552

    Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more

    Affected Products : fedora debian_linux chrome
    • Published: Sep. 21, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 294846 Results