Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2020-3762

    Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to arbitrary file system wri... Read more

    • EPSS Score: %1.32
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-1378

    Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.... Read more

    • EPSS Score: %7.03
    • Published: Apr. 10, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-6436

    Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an exi... Read more

    • EPSS Score: %14.75
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-6434

    gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary commands via a the (1) a1 or (2) a2 parameter in a restart action.... Read more

    Affected Products : gopro_hero_firmware gopro_hero
    • EPSS Score: %3.36
    • Published: Oct. 07, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2012-0131

    Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.... Read more

    • EPSS Score: %15.13
    • Published: Apr. 05, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-3641

    Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrag... Read more

    • EPSS Score: %0.33
    • Published: Jun. 02, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-6287

    The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action.... Read more

    Affected Products : http_file_server
    • Actively Exploited
    • EPSS Score: %94.31
    • Published: Oct. 07, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2005-2715

    Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code... Read more

    • EPSS Score: %66.31
    • Published: Oct. 12, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2012-0275

    Heap-based buffer overflow in Photoshop.exe in Adobe Photoshop CS5 12.x before 12.0.5, CS5.1 12.1.x before 12.1.1, and CS6 13.x before 13.0.1 allows remote attackers to execute arbitrary code via a crafted TIFF image with SGI24LogLum compression.... Read more

    • EPSS Score: %24.01
    • Published: Sep. 04, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-6321

    Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via... Read more

    • EPSS Score: %92.37
    • Published: Nov. 11, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-6940

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %2.24
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-6120

    IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow remote attackers to execute arbitrary commands on the installation serv... Read more

    • EPSS Score: %4.19
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-6967

    In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize ... Read more

    Affected Products : factorytalk_services_platform
    • EPSS Score: %1.58
    • Published: Mar. 23, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-30234

    A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to be executed when root level access is obtained. Affected Products: Wiser Smart, EER21000 & EER21001 (V4.5 and prior)... Read more

    • EPSS Score: %0.47
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-3382

    A vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability exis... Read more

    • EPSS Score: %13.06
    • Published: Jul. 31, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-0612

    Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0615, CVE-2013-0617, and CV... Read more

    Affected Products : acrobat acrobat_reader
    • EPSS Score: %7.91
    • Published: Jan. 10, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2050

    Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • EPSS Score: %30.39
    • Published: Aug. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-3330

    A vulnerability in the Telnet service of Cisco Small Business RV110W Wireless-N VPN Firewall Routers could allow an unauthenticated, remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a syst... Read more

    • EPSS Score: %5.36
    • Published: Jul. 16, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-2025

    Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2023, CVE-2012-2024, and CVE-2012-2026.... Read more

    Affected Products : illustrator illustrator_cs5.5
    • EPSS Score: %25.79
    • Published: May. 09, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-3280

    A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to insecure deserializa... Read more

    Affected Products : unified_contact_center_express
    • EPSS Score: %6.34
    • Published: May. 22, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 292316 Results