Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    CRITICAL
    CVE-2020-28626

    Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker ca... Read more

    • EPSS Score: %0.32
    • Published: Apr. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-27637

    The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R CMD install cli command or the install.packages() function ... Read more

    Affected Products : cran
    • EPSS Score: %0.78
    • Published: Jan. 12, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-25228

    A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full c... Read more

    Affected Products : logo\!_8_bm_firmware logo\!_8_bm
    • EPSS Score: %0.44
    • Published: Dec. 14, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-14855

    Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Administration). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network ... Read more

    Affected Products : universal_work_queue
    • EPSS Score: %5.09
    • Published: Oct. 21, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2020-0796

    A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.... Read more

    • Actively Exploited
    • EPSS Score: %94.42
    • Published: Mar. 12, 2020
    • Modified: Apr. 04, 2025

  • 10.0

    HIGH
    CVE-2019-7998

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos photoshop_cc windows
    • EPSS Score: %21.66
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7993

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos photoshop_cc windows
    • EPSS Score: %26.36
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7833

    Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful ex... Read more

    • EPSS Score: %2.07
    • Published: May. 22, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7764

    Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Succe... Read more

    • EPSS Score: %2.07
    • Published: May. 22, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7304

    Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.... Read more

    Affected Products : ubuntu_linux snapd
    • EPSS Score: %82.22
    • Published: Apr. 23, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7119

    Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code ex... Read more

    • EPSS Score: %4.22
    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7083

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code executi... Read more

    • EPSS Score: %17.20
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-5319

    A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba... Read more

    • EPSS Score: %1.74
    • Published: Mar. 30, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-4087

    IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by servers and storage agents in response to specifically crafted communication exchanges. By sending an overly... Read more

    • EPSS Score: %8.41
    • Published: Jul. 02, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-14896

    A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_exis... Read more

    • EPSS Score: %2.58
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-1181

    A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authen... Read more

    • EPSS Score: %68.40
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2019-11510

    In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability .... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Actively Exploited
    • EPSS Score: %94.33
    • Published: May. 08, 2019
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-8302

    A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.... Read more

    Affected Products : exchange_server
    • EPSS Score: %25.90
    • Published: Aug. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-7084

    A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system. An attacker could use this ability to copy files,... Read more

    • EPSS Score: %4.79
    • Published: May. 10, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2018-4872

    An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is a security bypass vulnerability that leads to a sandbox escape. Specifical... Read more

    • EPSS Score: %5.45
    • Published: Feb. 27, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291878 Results