Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2002-2017

    sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd.... Read more

    Affected Products : base integration_technologies
    • EPSS Score: %0.82
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2014-1905

    Unrestricted file upload vulnerability in ls/vw_snapshots.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, and then acc... Read more

    • EPSS Score: %17.96
    • Published: Dec. 29, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-9184

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, ... Read more

    • EPSS Score: %0.23
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-9201

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400... Read more

    • EPSS Score: %0.22
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2000-1221

    The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attacker... Read more

    Affected Products : debian_linux linux irix
    • EPSS Score: %12.18
    • Published: Jan. 08, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0093

    An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5.... Read more

    Affected Products : linux
    • EPSS Score: %0.25
    • Published: Jan. 21, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2014-1982

    The administrative interface in Allied Telesis AT-RG634A ADSL Broadband router 3.3+, iMG624A firmware 3.5, iMG616LH firmware 2.4, and iMG646BD firmware 3.5 allows remote attackers to gain privileges and execute arbitrary commands via a direct request to c... Read more

    • EPSS Score: %17.89
    • Published: Mar. 31, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-3353

    Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3356.... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • EPSS Score: %43.98
    • Published: Sep. 12, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2466

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to D... Read more

    Affected Products : jdk jre jre jdk
    • EPSS Score: %7.54
    • Published: Jun. 18, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0372

    The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31640.... Read more

    • EPSS Score: %4.01
    • Published: Feb. 25, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2024-24576

    Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files (with the `bat` and `cmd` extensions) on Windows using the `Comma... Read more

    Affected Products : rust
    • Published: Apr. 09, 2024
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-14618

    curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate fro... Read more

    • EPSS Score: %0.50
    • Published: Sep. 05, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-1659

    Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.... Read more

    • EPSS Score: %2.36
    • Published: Apr. 18, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-0402

    Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via unspecified vectors related to JavaFX, as demonstrated ... Read more

    Affected Products : jdk jre javafx
    • EPSS Score: %7.53
    • Published: Mar. 08, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-1974

    Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to e... Read more

    • EPSS Score: %3.30
    • Published: Aug. 29, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0864

    The gif_copy_img_rect function in libavcodec/gifdec.c in FFmpeg before 1.1.2 performs an incorrect calculation for an "end pointer," which allows remote attackers to have an unspecified impact via crafted GIF data that triggers an out-of-bounds array acce... Read more

    Affected Products : ffmpeg
    • EPSS Score: %1.43
    • Published: Nov. 23, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-1525

    Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • EPSS Score: %41.56
    • Published: Aug. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-3563

    Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from ... Read more

    Affected Products : jre jdk
    • EPSS Score: %88.76
    • Published: Oct. 19, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-0467

    Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to execute arbitrary code via a long username.... Read more

    Affected Products : firebird firebird
    • EPSS Score: %23.51
    • Published: Jan. 29, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-4219

    Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect service (SpntSvc.exe), in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain int... Read more

    Affected Products : serverprotect serverprotect
    • EPSS Score: %39.62
    • Published: Aug. 22, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 291401 Results