Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2015-3063

    Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: May. 13, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-3067

    Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: May. 13, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-3075

    Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: May. 13, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-5599

    TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains an improper neutralization of argument delimiters in a command ('Argument Inje... Read more

    • Published: Jul. 07, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-1948

    The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remot... Read more

    Affected Products : gnutls
    • Published: May. 21, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2015-2909

    Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices rely on a GUI warning to help ensure that the administrator configures login credentials, which makes it easier for remote attackers to obtain access by leveraging situations in wh... Read more

    • Published: Feb. 06, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-2887

    iBaby M3S has a password of admin for the backdoor admin account.... Read more

    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-2885

    Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account.... Read more

    Affected Products : peek-a-view_firmware peek-a-view
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-2881

    Gynoii has a password of guest for the backdoor guest account and a password of 12345 for the backdoor admin account.... Read more

    Affected Products : gcw-1010 gcw-1020 gpw-1025
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-2874

    Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 have a default password of root for the root account, which allows remote attackers to obtain administra... Read more

    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-2844

    The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1420434000 allows remote attackers to execute arbitrary commands via the $action portion of the PATH_INFO.... Read more

    Affected Products : goadmin_ce
    • Published: May. 12, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-2845

    The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arbitrary commands via the $type portion of the PATH_INFO.... Read more

    Affected Products : goadmin_ce
    • Published: May. 12, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-9682

    Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write.... Read more

    • Published: Jul. 17, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-2786

    Unspecified vulnerability in MyBB (aka MyBulletinBoard) before 1.8.4 has unknown attack vectors related to "Group join request notifications sent to wrong group leaders."... Read more

    Affected Products : mybb
    • Published: Mar. 29, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2019-10269

    BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based buffer overflow in the bns_restore function in bntseq.c via a long sequence name in a .alt file.... Read more

    Affected Products : ubuntu_linux burrow-wheeler_aligner
    • Published: Mar. 29, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-12714

    An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index inval... Read more

    Affected Products : linux_kernel
    • Published: Jun. 24, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-1095

    Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200... Read more

    Affected Products : jre jdk
    • Published: Mar. 25, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-0693

    The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers... Read more

    • Published: Oct. 03, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-5341

    Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Da... Read more

    • Published: Jul. 28, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-2767

    Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to "Autocomplete Enabled."... Read more

    Affected Products : triton_ap_email
    • Published: Mar. 27, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 293509 Results