Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, by whether it is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2001-0045

    The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the "Registry Permissions" vulnerabilities....

    Affected Products : windows_nt
    • EPSS Score: %1.24
    • Published: Feb. 16, 2001
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2007-2508

    Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBindin...

    Affected Products : serverprotect serverprotect
    • EPSS Score: %78.61
    • Published: May. 08, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2015-4602

    The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an une...

    • EPSS Score: %17.65
    • Published: May. 16, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-4603

    The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue....

    • EPSS Score: %11.44
    • Published: May. 16, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2002-1145

    The xp_runwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine (MSDE) 1.0, and Microsoft Desktop Engine (MSDE) 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updati...

    Affected Products : sql_server sql_server data_engine
    • EPSS Score: %2.44
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2005-0927

    Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vectors, probably involving shell metacharacters or .. sequences....

    Affected Products : webapp
    • EPSS Score: %0.45
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2003-0101

    miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a ses...

    • EPSS Score: %15.50
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2005-2529

    Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to gain privileges via unspecified attack vectors relating to "the utility used to update Java shared archives."...

    Affected Products : java
    • EPSS Score: %0.68
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2015-4486

    The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via malformed WebM video data....

    • EPSS Score: %2.19
    • Published: Aug. 16, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-4477

    Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API....

    Affected Products : firefox ubuntu_linux opensuse
    • EPSS Score: %4.96
    • Published: Aug. 16, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2008-4641

    The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input....

    Affected Products : jhead jhead
    • EPSS Score: %2.02
    • Published: Oct. 21, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-4834

    Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans re...

    • EPSS Score: %69.64
    • Published: Jan. 14, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2015-4430

    Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler b...

    • EPSS Score: %68.03
    • Published: Jul. 09, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2008-5316

    Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the input f...

    Affected Products : little_cms_color_engine lcms
    • EPSS Score: %1.84
    • Published: Dec. 03, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2015-4428

    Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler b...

    • EPSS Score: %13.60
    • Published: Jul. 09, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-4445

    Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript ...

    • EPSS Score: %5.69
    • Published: Jul. 15, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-4431

    Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers...

    • EPSS Score: %7.33
    • Published: Jul. 09, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-4432

    Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler bef...

    • EPSS Score: %68.03
    • Published: Jul. 09, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-1116

    Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service...

    • EPSS Score: %5.11
    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2003-1425

    guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter....

    Affected Products : cpanel
    • EPSS Score: %3.68
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 292386 Results