Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2014-0474

    The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attacker... Read more

    Affected Products : ubuntu_linux django
    • EPSS Score: %6.29
    • Published: Apr. 23, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-0501

    Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0500.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %24.48
    • Published: Feb. 12, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-0494

    Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.... Read more

    Affected Products : digital_editions
    • EPSS Score: %9.91
    • Published: Jan. 23, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2016-1067

    Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary ... Read more

    • EPSS Score: %13.21
    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-0456

    Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.... Read more

    • EPSS Score: %8.19
    • Published: Apr. 16, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-0415

    Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410,... Read more

    Affected Products : jdk jre
    • EPSS Score: %5.42
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-5124

    Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port (16102/tcp).... Read more

    Affected Products : proxysg proxysg proxyone
    • EPSS Score: %70.25
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-0422

    Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from th... Read more

    Affected Products : jdk jre
    • EPSS Score: %8.13
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-0397

    Multiple unspecified vulnerabilities in libXtsol in Oracle Solaris 10 and 11.1 have unspecified impact and attack vectors related to "Buffer errors."... Read more

    Affected Products : solaris
    • EPSS Score: %0.96
    • Published: Oct. 06, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2018-5011

    Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user... Read more

    • EPSS Score: %5.48
    • Published: Jul. 20, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-0429

    Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.... Read more

    • EPSS Score: %8.81
    • Published: Apr. 16, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-0349

    Multiple unspecified vulnerabilities in J2k-Codec allow remote attackers to execute arbitrary code via a crafted JPEG 2000 file.... Read more

    Affected Products : j2k-codec
    • EPSS Score: %3.86
    • Published: Apr. 12, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-1488

    The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in c... Read more

    • EPSS Score: %1.09
    • Published: Feb. 06, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2016-1126

    Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %5.11
    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-27976

    osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option.... Read more

    Affected Products : oscommerce
    • EPSS Score: %20.02
    • Published: Oct. 28, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-1806

    The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "Ty... Read more

    Affected Products : .net_framework
    • EPSS Score: %26.75
    • Published: May. 14, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2017-5819

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %52.89
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-5330

    Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before 11.9.900.152 on Windows and Mac OS X and before 11.2.202.327 on Linux, Adobe AIR before 3.9.0.1210, Adobe AIR SDK before 3.9.0.1210, and Adobe AIR SDK & Compiler before 3.9.0.1210 allow a... Read more

    • EPSS Score: %2.95
    • Published: Nov. 13, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-27955

    Git LFS 2.12.0 allows Remote Code Execution.... Read more

    Affected Products : git_large_file_storage
    • EPSS Score: %92.62
    • Published: Nov. 05, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-5842

    Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors re... Read more

    • EPSS Score: %28.61
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 292522 Results