Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    CRITICAL
    CVE-2024-44146

    A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox.... Read more

    Affected Products : macos
    • Published: Sep. 17, 2024
    • Modified: Mar. 25, 2025

  • 10.0

    CRITICAL
    CVE-2024-38999

    jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.... Read more

    Affected Products :
    • Published: Jul. 01, 2024
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2023-22515

    Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluenc... Read more

    • Actively Exploited
    • EPSS Score: %94.36
    • Published: Oct. 04, 2023
    • Modified: Feb. 09, 2025

  • 10.0

    HIGH
    CVE-2022-22954

    VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code executi... Read more

    • Actively Exploited
    • EPSS Score: %94.44
    • Published: Apr. 11, 2022
    • Modified: Mar. 12, 2025

  • 10.0

    CRITICAL
    CVE-2021-41556

    sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to Code Execution. If a victim executes an attacker-controlled squirrel script, it is possible for the attacker to break out of ... Read more

    Affected Products : fedora squirrel
    • EPSS Score: %0.56
    • Published: Jul. 28, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-37716

    A remote buffer overflow vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released patches for Aruba SD-WAN S... Read more

    • EPSS Score: %1.58
    • Published: Sep. 07, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-3466

    A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from this vulner... Read more

    Affected Products : enterprise_linux fedora libmicrohttpd
    • EPSS Score: %0.42
    • Published: Mar. 25, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-34473

    Microsoft Exchange Server Remote Code Execution Vulnerability... Read more

    Affected Products : exchange_server
    • Actively Exploited
    • EPSS Score: %94.26
    • Published: Jul. 14, 2021
    • Modified: Feb. 24, 2025

  • 10.0

    HIGH
    CVE-2021-32935

    The affected Cognex product, the In-Sight OPC Server versions v5.7.4 (96) and prior, deserializes untrusted data, which could allow a remote attacker access to system level permission commands and local privilege escalation.... Read more

    Affected Products : in-sight_opc_server
    • EPSS Score: %0.32
    • Published: May. 23, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-26897

    Windows DNS Server Remote Code Execution Vulnerability... Read more

    • EPSS Score: %10.79
    • Published: Mar. 11, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-23165

    A flaw was found in htmldoc before v1.9.12. Heap buffer overflow in pspdf_prepare_outpages(), in ps-pdf.cxx may lead to execute arbitrary code and denial of service.... Read more

    Affected Products : htmldoc
    • EPSS Score: %0.38
    • Published: Mar. 16, 2022
    • Modified: Feb. 05, 2025

  • 10.0

    HIGH
    CVE-2021-2394

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthentica... Read more

    Affected Products : weblogic_server
    • EPSS Score: %90.66
    • Published: Jul. 21, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-4415

    IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker to execute arbitrary code on the system with the privileges of an administrator or user associat... Read more

    Affected Products : spectrum_protect
    • EPSS Score: %24.57
    • Published: Apr. 23, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-3742

    Adobe Acrobat and Reader versions, 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .... Read more

    • EPSS Score: %4.79
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-3531

    A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to access the back-end database of an affected system. The vulnerability exists because the affected software does not properly authe... Read more

    Affected Products : iot_field_network_director
    • EPSS Score: %4.84
    • Published: Nov. 18, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2020-28633

    Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker ca... Read more

    • EPSS Score: %0.38
    • Published: Apr. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2020-28623

    Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker ca... Read more

    • EPSS Score: %0.32
    • Published: Apr. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2020-28636

    A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->twin() An attacker can provide malicious input to trigge... Read more

    • EPSS Score: %0.79
    • Published: Mar. 04, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-27131

    Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. These vulnerabilities are due to insecure deserializa... Read more

    Affected Products : security_manager
    • EPSS Score: %84.36
    • Published: Nov. 17, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-25787

    An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. It does not validate all URLs before requesting them.... Read more

    Affected Products : tiny_tiny_rss
    • EPSS Score: %13.77
    • Published: Sep. 19, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291520 Results