Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2014-10046

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, use after free vulnerability when the PDN throttl... Read more

    • EPSS Score: %0.26
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-4096

    Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %3.31
    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4103

    Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %3.31
    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2020-28631

    Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker ca... Read more

    • EPSS Score: %0.30
    • Published: Apr. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-0070

    Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corrupti... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %2.94
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-12791

    Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user... Read more

    • EPSS Score: %5.48
    • Published: Jul. 20, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-3075

    Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability when manipulating the ActionsScript 2 XML class. Successful exploitation could lead to arbitrary code execution.... Read more

    • EPSS Score: %1.68
    • Published: Jun. 20, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2014-0862

    Unspecified vulnerability in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x before 3.0.1.6 iFix 2 and 4.x before 4.0.6 allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    • EPSS Score: %17.37
    • Published: Mar. 02, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2019-7840

    ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • EPSS Score: %49.53
    • Published: Jun. 12, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-28250

    Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side.... Read more

    Affected Products : nvt_web_server
    • EPSS Score: %2.60
    • Published: Nov. 06, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-0787

    Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet.... Read more

    Affected Products : kingscada kingview
    • EPSS Score: %53.62
    • Published: Apr. 12, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-0749

    Stack-based buffer overflow in lib/Libdis/disrsi_.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.5.x through 2.5.13 allows remote attackers to execute arbitrary code via a large count value.... Read more

    Affected Products : torque_resource_manager
    • EPSS Score: %68.03
    • Published: May. 16, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-0721

    The Cisco Unified SIP Phone 3905 with firmware before 9.4(1) allows remote attackers to obtain root access via a session on the test interface on TCP port 7870, aka Bug ID CSCuh75574.... Read more

    Affected Products : unified_sip_phone_3905
    • EPSS Score: %1.14
    • Published: Feb. 22, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-0703

    Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 distribute Aironet IOS software with a race condition in the status of the administrative HTTP server, which allows remote attackers to bypass intended access restrictions by connecting to a... Read more

    • EPSS Score: %0.93
    • Published: Mar. 06, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-0683

    The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication reque... Read more

    • EPSS Score: %29.44
    • Published: Mar. 06, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-28188

    Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter.... Read more

    Affected Products : tos tos
    • EPSS Score: %93.44
    • Published: Dec. 24, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-0650

    The web interface in Cisco Secure Access Control System (ACS) 5.x before 5.4 Patch 3 allows remote attackers to execute arbitrary operating-system commands via a request to this interface, aka Bug ID CSCue65962.... Read more

    Affected Products : secure_access_control_system
    • EPSS Score: %6.62
    • Published: Jan. 16, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-0659

    The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, an... Read more

    • EPSS Score: %64.48
    • Published: Jan. 12, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6941

    Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows users to "breakout" of the shell via unknown vectors.... Read more

    • EPSS Score: %0.42
    • Published: Mar. 11, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-0609

    Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 SP1 before Scheduled Maintenance Update 9415 and 11 SP2 before Scheduled Maintenance Update 9413 for Linux has unknown impact and attack vectors.... Read more

    • EPSS Score: %0.21
    • Published: Aug. 17, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 292325 Results