Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2020-5344

    Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitra... Read more

    • EPSS Score: %7.12
    • Published: Mar. 31, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-3992

    OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi ma... Read more

    Affected Products : esxi cloud_foundation
    • Actively Exploited
    • EPSS Score: %90.42
    • Published: Oct. 20, 2020
    • Modified: Apr. 02, 2025

  • 10.0

    HIGH
    CVE-2020-3586

    A vulnerability in the web-based management interface of Cisco DNA Spaces Connector could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insufficient validation of user-supplied i... Read more

    Affected Products : dna_spaces\
    • EPSS Score: %2.23
    • Published: Nov. 18, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2020-35629

    Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker ca... Read more

    • EPSS Score: %0.38
    • Published: Apr. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-29557

    An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20. A buffer overflow in the web interface allows attackers to achieve pre-authentication remote code execution.... Read more

    • Actively Exploited
    • EPSS Score: %91.69
    • Published: Jan. 29, 2021
    • Modified: Mar. 14, 2025

  • 10.0

    CRITICAL
    CVE-2020-28628

    Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker ca... Read more

    • EPSS Score: %0.30
    • Published: Apr. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2020-28618

    Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker ca... Read more

    • EPSS Score: %0.32
    • Published: Apr. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2020-28608

    Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker ca... Read more

    • EPSS Score: %0.38
    • Published: Apr. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-24636

    A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and belo... Read more

    • EPSS Score: %4.51
    • Published: Mar. 29, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-14882

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthent... Read more

    Affected Products : weblogic_server
    • Actively Exploited
    • EPSS Score: %94.45
    • Published: Oct. 21, 2020
    • Modified: Feb. 07, 2025

  • 10.0

    CRITICAL
    CVE-2020-12388

    The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.... Read more

    Affected Products : firefox firefox_esr windows
    • EPSS Score: %1.50
    • Published: May. 26, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2020-11066

    In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, calling unserialize() on malicious user-submitted content can lead to modification of dynamically-determined object attributes and r... Read more

    Affected Products : typo3
    • EPSS Score: %0.53
    • Published: May. 14, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-0690

    An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.... Read more

    • EPSS Score: %13.25
    • Published: Mar. 12, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2019-9174

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows SSRF.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.36
    • Published: Apr. 17, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7968

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos photoshop_cc windows
    • EPSS Score: %21.75
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7788

    Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful ex... Read more

    • EPSS Score: %2.02
    • Published: May. 22, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7095

    Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : windows digital_editions
    • EPSS Score: %8.15
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7085

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution... Read more

    • EPSS Score: %18.82
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7052

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code ex... Read more

    • EPSS Score: %7.62
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-16460

    Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful expl... Read more

    • EPSS Score: %2.62
    • Published: Dec. 19, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291024 Results