Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2015-5096

    Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows ... Read more

    • EPSS Score: %4.40
    • Published: Jul. 15, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2017-16844

    Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded rea... Read more

    Affected Products : procmail
    • EPSS Score: %24.33
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-5082

    Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.... Read more

    Affected Products : firewall endian_firewall
    • EPSS Score: %86.67
    • Published: Sep. 28, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5087

    Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbitrary ... Read more

    • EPSS Score: %3.22
    • Published: Jul. 15, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5099

    Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow... Read more

    • EPSS Score: %3.73
    • Published: Jul. 15, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-4932

    Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4933, CVE-2015-4934, and CV... Read more

    Affected Products : tivoli_storage_manager_fastback
    • EPSS Score: %18.55
    • Published: Aug. 03, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-4934

    Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4932, CVE-2015-4933, and CV... Read more

    Affected Products : tivoli_storage_manager_fastback
    • EPSS Score: %18.35
    • Published: Aug. 03, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-4935

    Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4932, CVE-2015-4933, and CV... Read more

    Affected Products : tivoli_storage_manager_fastback
    • EPSS Score: %18.35
    • Published: Aug. 03, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-4915

    Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to System Man... Read more

    • EPSS Score: %2.47
    • Published: Oct. 22, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-4839

    Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to DB Listener, a different vul... Read more

    Affected Products : e-business_suite
    • EPSS Score: %2.71
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-4798

    Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to DB Listener, a different vul... Read more

    Affected Products : e-business_suite
    • EPSS Score: %2.71
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-4732

    Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CV... Read more

    Affected Products : jdk jre
    • EPSS Score: %14.86
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-4716

    Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8.0.4, when running on Windows, allows remote attackers to reinstall the application or execute arbitrary code via unspecified vectors.... Read more

    Affected Products : owncloud windows owncloud_server
    • EPSS Score: %23.32
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2020-6770

    Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote attacker to execute arbitrary code on the system. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.0.329 and 7... Read more

    • EPSS Score: %11.30
    • Published: Feb. 07, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-1615

    Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence tha... Read more

    Affected Products : clamav
    • EPSS Score: %36.76
    • Published: Apr. 06, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1041

    Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root privileges.... Read more

    Affected Products : ypbind
    • EPSS Score: %0.39
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0129

    Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request.... Read more

    Affected Products : tinyproxy
    • EPSS Score: %9.56
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2020-6779

    Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromi... Read more

    • EPSS Score: %9.94
    • Published: Jan. 26, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-4650

    Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to gain shell access and execute arbitrary code with root privileges via unspecified vectors.... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %5.49
    • Published: Oct. 16, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    CRITICAL
    CVE-2020-6769

    Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confident... Read more

    • EPSS Score: %1.08
    • Published: Feb. 07, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 292731 Results