Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2016-7013

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %2.24
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2012-0838

    Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field.... Read more

    Affected Products : struts
    • EPSS Score: %64.34
    • Published: Mar. 02, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-0804

    Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.... Read more

    Affected Products : cvs
    • EPSS Score: %2.51
    • Published: May. 29, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-0764

    The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, ... Read more

    Affected Products : shockwave_player
    • EPSS Score: %14.58
    • Published: Feb. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-0775

    The JavaScript implementation in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : acrobat acrobat_reader
    • EPSS Score: %22.63
    • Published: Apr. 10, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-0758

    Heap-based buffer overflow in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %10.79
    • Published: Feb. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-0759

    Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0771.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %9.19
    • Published: Feb. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-0766

    The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, ... Read more

    Affected Products : shockwave_player
    • EPSS Score: %9.19
    • Published: Feb. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-0695

    Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.... Read more

    • EPSS Score: %0.22
    • Published: Jan. 12, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2024-20419

    A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper... Read more

    Affected Products : smart_software_manager_on-prem
    • Published: Jul. 17, 2024
    • Modified: Jul. 31, 2025

  • 10.0

    HIGH
    CVE-2007-3454

    Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to execute arbitrary code via long crafted requests, as demonstrated using a long session cookie to unspecified CGI pro... Read more

    Affected Products : officescan officescan
    • EPSS Score: %19.74
    • Published: Jun. 27, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3383

    Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : firefox
    • EPSS Score: %6.62
    • Published: Oct. 29, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2012-0467

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a de... Read more

    • EPSS Score: %2.91
    • Published: Apr. 25, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-0469

    Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey ... Read more

    • EPSS Score: %44.80
    • Published: Apr. 25, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-5092

    Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header.... Read more

    Affected Products : edirectory
    • EPSS Score: %0.23
    • Published: Nov. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2012-0443

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly ... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %2.62
    • Published: Feb. 01, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-0508

    Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX, 1.3.0 and earlier, and 1.2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.... Read more

    Affected Products : javafx
    • EPSS Score: %1.71
    • Published: Feb. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-0299

    The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to upload arbitrary code to a designated pathname, and possibly execute this code, via unspecified vectors.... Read more

    Affected Products : web_gateway
    • EPSS Score: %82.27
    • Published: May. 21, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2016-8363

    An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Ser... Read more

    • EPSS Score: %0.28
    • Published: Feb. 13, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2012-0262

    op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter.... Read more

    Affected Products : monitor system-op5config
    • EPSS Score: %91.15
    • Published: Dec. 31, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 292518 Results