Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2015-0301

    Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe... Read more

    • EPSS Score: %7.40
    • Published: Jan. 13, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-6944

    Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary ... Read more

    • EPSS Score: %1.97
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-6998

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %2.24
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-7019

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %5.86
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-7406

    Format string vulnerability in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) host argument.... Read more

    Affected Products : dropbear_ssh
    • EPSS Score: %10.35
    • Published: Mar. 03, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2004-0623

    Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog.... Read more

    Affected Products : gnats
    • EPSS Score: %3.45
    • Published: Dec. 06, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-3107

    Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an u... Read more

    Affected Products : jre sdk jdk
    • EPSS Score: %14.53
    • Published: Jul. 09, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3108

    Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to fo... Read more

    Affected Products : jre sdk jdk
    • EPSS Score: %10.64
    • Published: Jul. 09, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2015-3039

    Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability... Read more

    • EPSS Score: %8.70
    • Published: Apr. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-4477

    Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API.... Read more

    Affected Products : firefox ubuntu_linux opensuse
    • EPSS Score: %4.96
    • Published: Aug. 16, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2017-0561

    A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due to the possibility of remote code execution in the conte... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %44.37
    • Published: Apr. 07, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-5589

    The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmenta... Read more

    Affected Products : php
    • EPSS Score: %8.49
    • Published: May. 16, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2004-0897

    The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.... Read more

    Affected Products : windows_2003_server windows_xp
    • EPSS Score: %55.01
    • Published: Jan. 11, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2012-1695

    Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and earlier, and JDK/JRE 5 and 6 27.7.1 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.... Read more

    Affected Products : fusion_middleware jre jdk
    • EPSS Score: %1.44
    • Published: May. 03, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-0304

    Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SD... Read more

    • EPSS Score: %8.01
    • Published: Jan. 13, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2004-0989

    Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL ... Read more

    • EPSS Score: %28.23
    • Published: Mar. 01, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1065

    Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.... Read more

    Affected Products : php ubuntu_linux secure_linux openpkg
    • EPSS Score: %6.90
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2012-1797

    IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has unspecified impact and attack vectors.... Read more

    Affected Products : db2
    • EPSS Score: %0.44
    • Published: Mar. 20, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-8548

    Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.80, allow attackers to cause a denial of service or possibly have other impact via unknown vectors, a different issue than CVE-2015-8478.... Read more

    Affected Products : chrome v8
    • EPSS Score: %0.82
    • Published: Dec. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5578

    Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute a... Read more

    • EPSS Score: %4.30
    • Published: Sep. 22, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291558 Results