Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2018-4234

    An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Jun. 08, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-4160

    An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a c... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-4132

    An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corru... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-4098

    An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2004-0200

    Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a la... Read more

    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2018-19418

    Foxit PDF ActiveX before 5.5.1 allows remote code execution via command injection because of the lack of a security permission control.... Read more

    Affected Products : windows pdf_activex
    • Published: Jan. 07, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2023-24509

    On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a ... Read more

    Affected Products : eos 7304x3 7324x 7328x 7504r3 7508r3 7512r3 7804r3 7808r3 704x3 +11 more products
    • Published: Apr. 13, 2023
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-1030

    A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from C... Read more

    Affected Products : office
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-1011

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from CVE-... Read more

    Affected Products : excel excel_rt
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0841

    Microsoft Office 2016 Click-to-Run allows a remote code execution vulnerability due to how objects are handled in memory, aka "Office Remote Code Execution Vulnerability"... Read more

    Affected Products : office
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0795

    Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Remote Code Execution Vulnerability".... Read more

    Affected Products : office word
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0791

    Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, and Microsoft Outlook 2016 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability". This CVE ... Read more

    Affected Products : office outlook
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2003-1327

    Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a lo... Read more

    Affected Products : linux_kernel wu-ftpd
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2003-1398

    Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification).... Read more

    Affected Products : ios
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2017-8958

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 and earlier was found.... Read more

    Affected Products : intelligent_management_center
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2003-1336

    Buffer overflow in mIRC before 6.11 allows remote attackers to execute arbitrary code via a long irc:// URL.... Read more

    Affected Products : mirc
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2017-8725

    A remote code execution vulnerability exists in Microsoft Publisher 2007 Service Pack 3 and Microsoft Publisher 2010 Service Pack 2 when they fail to properly handle objects in memory, aka "Microsoft Office Publisher Remote Code Execution".... Read more

    Affected Products : office publisher
    • Published: Sep. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8570

    Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243.... Read more

    Affected Products : office
    • Actively Exploited
    • Published: Jul. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8558

    The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold,... Read more

    • Published: Jun. 29, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-7170

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Security" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 294848 Results