Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2014-5503

    SQL injection vulnerability in the Guest Login Portal in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary SQL commands via the add_guest_user opcode.... Read more

    Affected Products : cyberoam_os
    • Published: Oct. 07, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2012-3964

    Use-after-free vulnerability in the gfxTextRun::GetUserData function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute ... Read more

    • Published: Aug. 29, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-5428

    Unrestricted file upload vulnerability in unspecified web services in Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX), LonWorks Control Server 85 LCS8520, Network Autom... Read more

    • Published: Mar. 29, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2012-4163

    Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.... Read more

    • Published: Aug. 21, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2016-1085

    Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2012-4504

    Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file.... Read more

    Affected Products : libproxy
    • Published: Nov. 11, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-5342

    Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2014-6627.... Read more

    Affected Products : clearpass
    • Published: Nov. 19, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-1903

    PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graphical installers for Linux and Mac OS X," which has unspe... Read more

    Affected Products : postgresql
    • Published: Apr. 04, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-5210

    The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) remote_task or (2) get_license request, a different vulnerability than CVE-2014-3804 and CVE-2014-3805.... Read more

    • Published: Aug. 21, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2024-2013

    An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway component that if exploited allows attackers without any access to interact with the services and the post-authentication attack surface.... Read more

    Affected Products : foxman-un unem
    • Published: Jun. 11, 2024
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-2663

    Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via un... Read more

    Affected Products : ruby ubuntu_linux debian_linux
    • Published: Jun. 24, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-0446

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deploymen... Read more

    Affected Products : jdk jre jre jdk
    • Published: Feb. 02, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-5007

    Directory traversal vulnerability in the agentLogUploader servlet in ZOHO ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90055 allows remote attackers to write to and execute arbitrary files as... Read more

    • Published: Jan. 17, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-0605

    Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-201... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Jan. 10, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0619

    Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-201... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Jan. 10, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-5158

    The (1) av-centerd SOAP service and (2) backup command in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote attackers to execute arbitrary commands via unspecified vectors.... Read more

    • Published: Aug. 21, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-4981

    LPAR2RRD in 3.5 and earlier allows remote attackers to execute arbitrary commands due to insufficient input sanitization of the web GUI parameters.... Read more

    Affected Products : lpar2rrd
    • Published: Feb. 17, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-0314

    Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more

    • Published: Feb. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-0790

    Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows remote attackers to cause a denial of service (stack memory corruption and application crash) or possibly execute arbitrary code via unknown vectors involving... Read more

    Affected Products : android firefox
    • Published: Apr. 03, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0796

    The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attacke... Read more

    • Published: Apr. 03, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 293261 Results