Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2012-5137

    Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Source API.... Read more

    Affected Products : chrome opensuse
    • EPSS Score: %4.00
    • Published: Dec. 04, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2017-3093

    Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the bitmap representation module. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : digital_editions
    • EPSS Score: %7.85
    • Published: Jun. 20, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2018-0125

    A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuin... Read more

    • Actively Exploited
    • EPSS Score: %73.09
    • Published: Feb. 08, 2018
    • Modified: Jan. 27, 2025

  • 10.0

    HIGH
    CVE-2008-1948

    The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remot... Read more

    Affected Products : gnutls
    • EPSS Score: %23.88
    • Published: May. 21, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2019-10269

    BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based buffer overflow in the bns_restore function in bntseq.c via a long sequence name in a .alt file.... Read more

    Affected Products : ubuntu_linux burrow-wheeler_aligner
    • EPSS Score: %0.83
    • Published: Mar. 29, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-12714

    An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index inval... Read more

    Affected Products : linux_kernel
    • EPSS Score: %1.20
    • Published: Jun. 24, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-1095

    Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200... Read more

    Affected Products : jre jdk
    • EPSS Score: %15.58
    • Published: Mar. 25, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-0693

    The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers... Read more

    • EPSS Score: %0.62
    • Published: Oct. 03, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0873

    The read_header function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid channel count, related to "freeing invalid addresses."... Read more

    Affected Products : ffmpeg
    • EPSS Score: %2.01
    • Published: Nov. 23, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-0171

    A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitra... Read more

    Affected Products : ios
    • Actively Exploited
    • EPSS Score: %93.52
    • Published: Mar. 28, 2018
    • Modified: Jan. 27, 2025

  • 10.0

    HIGH
    CVE-2013-1710

    The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code o... Read more

    • EPSS Score: %79.22
    • Published: Aug. 07, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-1718

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of s... Read more

    • EPSS Score: %1.56
    • Published: Sep. 18, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-10662

    An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface.... Read more

    • EPSS Score: %83.53
    • Published: Jun. 26, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2010-3116

    Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (ap... Read more

    • EPSS Score: %12.28
    • Published: Aug. 24, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2350

    Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.... Read more

    Affected Products : storage_data_protector
    • EPSS Score: %27.67
    • Published: Jan. 04, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-15505

    drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).... Read more

    Affected Products : linux_kernel ubuntu_linux debian_linux
    • EPSS Score: %0.58
    • Published: Aug. 23, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-12812

    Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user... Read more

    • EPSS Score: %7.60
    • Published: Jul. 20, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-3270

    The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges... Read more

    • EPSS Score: %16.43
    • Published: Oct. 14, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-3427

    Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.... Read more

    • Actively Exploited
    • EPSS Score: %93.63
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-3586

    Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a dif... Read more

    Affected Products : weblogic_server
    • EPSS Score: %12.86
    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291398 Results