Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2015-2845

    The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arbitrary commands via the $type portion of the PATH_INFO.... Read more

    Affected Products : goadmin_ce
    • Published: May. 12, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-9682

    Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write.... Read more

    • Published: Jul. 17, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-2786

    Unspecified vulnerability in MyBB (aka MyBulletinBoard) before 1.8.4 has unknown attack vectors related to "Group join request notifications sent to wrong group leaders."... Read more

    Affected Products : mybb
    • Published: Mar. 29, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2019-10269

    BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based buffer overflow in the bns_restore function in bntseq.c via a long sequence name in a .alt file.... Read more

    Affected Products : ubuntu_linux burrow-wheeler_aligner
    • Published: Mar. 29, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-12714

    An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index inval... Read more

    Affected Products : linux_kernel
    • Published: Jun. 24, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-1095

    Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200... Read more

    Affected Products : jre jdk
    • Published: Mar. 25, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-0693

    The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers... Read more

    • Published: Oct. 03, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-5341

    Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Da... Read more

    • Published: Jul. 28, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-2767

    Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to "Autocomplete Enabled."... Read more

    Affected Products : triton_ap_email
    • Published: Mar. 27, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-5344

    Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitra... Read more

    • Published: Mar. 31, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-2734

    The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has... Read more

    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-2725

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly ... Read more

    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-0873

    The read_header function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid channel count, related to "freeing invalid addresses."... Read more

    Affected Products : ffmpeg
    • Published: Nov. 23, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-2733

    Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttp... Read more

    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-2726

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.... Read more

    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-2638

    Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.... Read more

    Affected Products : jdk jre javafx
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-1710

    The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code o... Read more

    • Published: Aug. 07, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-1718

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of s... Read more

    • Published: Sep. 18, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-2608

    Unspecified vulnerability in (1) the Oracle Communications Diameter Signaling Router (DSR) component in Oracle Communications Applications 4.1.6 and earlier, 5.1.0 and earlier, 6.0.2 and earlier, and 7.1.0 and earlier; (2) the Oracle Communications Perfor... Read more

    Affected Products : communications_applications
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2010-3116

    Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (ap... Read more

    • Published: Aug. 24, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 293284 Results