Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2013-4656

    Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service.... Read more

    • EPSS Score: %0.74
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-4658

    Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share.... Read more

    Affected Products : ea6500_firmware ea6500
    • EPSS Score: %0.61
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-4611

    Multiple unspecified vulnerabilities in REDCap before 5.1.1 allow remote attackers to have an unknown impact via vectors involving (1) the Online Designer page or (2) the Manage Survey Participants page.... Read more

    Affected Products : redcap redcap
    • EPSS Score: %1.30
    • Published: Jun. 17, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-4659

    Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU.... Read more

    • EPSS Score: %11.53
    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2008-0860

    Unspecified vulnerability in the AVG plugin in Kerio MailServer before 6.5.0 has unspecified impact via unknown remote attack vectors related to null DACLs.... Read more

    Affected Products : kerio_mailserver avg_plugin
    • EPSS Score: %0.42
    • Published: Feb. 21, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2144

    Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %19.98
    • Published: May. 12, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-0601

    Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-201... Read more

    Affected Products : acrobat acrobat_reader
    • EPSS Score: %10.11
    • Published: Jan. 10, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-3382

    layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possib... Read more

    Affected Products : firefox
    • EPSS Score: %18.23
    • Published: Oct. 29, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-4289

    Multiple integer overflows in lib/openjp3d/jp3d.c in OpenJPEG before 1.5.2 allow remote attackers to have unspecified impact and vectors, which trigger a heap-based buffer overflow.... Read more

    Affected Products : openjpeg
    • EPSS Score: %2.31
    • Published: Apr. 18, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-27131

    Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. These vulnerabilities are due to insecure deserializa... Read more

    Affected Products : security_manager
    • EPSS Score: %84.36
    • Published: Nov. 17, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-4290

    Stack-based buffer overflow in OpenJPEG before 1.5.2 allows remote attackers to have unspecified impact via unknown vectors to (1) lib/openjp3d/opj_jp3d_compress.c, (2) bin/jp3d/convert.c, or (3) lib/openjp3d/event.c.... Read more

    Affected Products : openjpeg
    • EPSS Score: %1.71
    • Published: Apr. 18, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-4267

    Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) archive_name parameter to the Power FS module (plugins/action.powerfs/class.PowerFSController.php), a (2) file name to the getTrustSizeOnFil... Read more

    Affected Products : pydio
    • EPSS Score: %7.06
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-1358

    apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt int... Read more

    Affected Products : advanced_package_tool apt
    • EPSS Score: %1.37
    • Published: Apr. 21, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-4042

    Unspecified vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 and 5.0 through FP2 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-5370.... Read more

    • EPSS Score: %19.22
    • Published: Oct. 01, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2024-25029

    IBM Personal Communications 14.0.6 through 15.0.1 includes a Windows service that is vulnerable to remote code execution (RCE) and local privilege escalation (LPE). The vulnerability allows any unprivileged user with network access to a target computer to... Read more

    Affected Products : personal_communications
    • Published: Apr. 06, 2024
    • Modified: May. 07, 2025

  • 10.0

    CRITICAL
    CVE-2022-22995

    The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code.... Read more

    • EPSS Score: %0.17
    • Published: Mar. 25, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-2459

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and a... Read more

    Affected Products : jdk jre jre jdk
    • EPSS Score: %15.04
    • Published: Jun. 18, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-29667

    In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie value, such as PHPSESSID=LANIT-IMANAGER, can achieve control over the system because of Insufficient Session Expiration.... Read more

    Affected Products : m3_atm_monitoring_system
    • EPSS Score: %4.44
    • Published: Dec. 10, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-3684

    NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload... Read more

    Affected Products : nextgen_gallery
    • EPSS Score: %43.19
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-1066

    Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary ... Read more

    • EPSS Score: %10.86
    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292319 Results