Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2016-7018

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %5.70
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-8043

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.... Read more

    • EPSS Score: %72.58
    • Published: Nov. 11, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-6309

    statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session.... Read more

    Affected Products : openssl
    • EPSS Score: %44.97
    • Published: Sep. 26, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-8056

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler befor... Read more

    • EPSS Score: %10.68
    • Published: Dec. 10, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2015-7930

    Adcon Telemetry A840 Telemetry Gateway Base Station has hardcoded credentials, which allows remote attackers to obtain administrative access via unspecified vectors.... Read more

    • EPSS Score: %0.92
    • Published: Dec. 24, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-5194

    Unspecified vulnerabilities in Google Chrome before 54.0.2840.59.... Read more

    Affected Products : chrome
    • EPSS Score: %0.25
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-7906

    LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices allow remote attackers to read a password-hash backup file via unspecified vectors.... Read more

    • EPSS Score: %0.38
    • Published: Dec. 21, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-7937

    Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data.... Read more

    • EPSS Score: %4.68
    • Published: Dec. 21, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-7860

    Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to execute arbitrary code by sending a large amount of data in an environment that lack... Read more

    Affected Products : radia_client_automation
    • EPSS Score: %15.73
    • Published: Oct. 19, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4267

    Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %2.11
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4259

    Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4260, CVE-2016-42... Read more

    Affected Products : digital_editions
    • EPSS Score: %5.86
    • Published: Sep. 16, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-7828

    SAP HANA Database 1.00 SPS10 and earlier do not require authentication, which allows remote attackers to execute arbitrary code or have unspecified other impact via a TrexNet packet to the (1) fcopydir, (2) fmkdir, (3) frmdir, (4) getenv, (5) dumpenv, (6)... Read more

    Affected Products : hana
    • EPSS Score: %3.56
    • Published: Nov. 10, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-7838

    ProcessFileUpload.jsp in SolarWinds Storage Manager before 6.2 allows remote attackers to upload and execute arbitrary files via unspecified vectors.... Read more

    Affected Products : storage_manager
    • EPSS Score: %16.42
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2021-21538

    Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the virtual console.... Read more

    Affected Products : idrac9_firmware emc_idrac9_firmware
    • EPSS Score: %1.55
    • Published: Jul. 29, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-0324

    Product: AndroidVersions: Android SoCAndroid ID: A-175402462... Read more

    Affected Products : android
    • EPSS Score: %0.17
    • Published: Jun. 14, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-4088

    Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %3.31
    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-3236

    The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles proxy disc... Read more

    • EPSS Score: %78.00
    • Published: Jun. 16, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-7755

    Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r... Read more

    Affected Products : screenos
    • EPSS Score: %87.09
    • Published: Dec. 19, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-7730

    SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote attackers to cause a denial of service (out-of-bounds read and listener crash) via a crafted GIOP packet, aka SAP Security Note 2001108.... Read more

    • EPSS Score: %1.88
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1930

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via... Read more

    Affected Products : firefox firefox_esr leap linux opensuse
    • EPSS Score: %2.12
    • Published: Jan. 31, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292516 Results