Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2020-24384

    A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs) have an unauthenticated Remote Code Execution (RCE) vulnerability that could be used to compromise affected ACOS systems. ACOS versions 3.2.x (including and after 3.2.2), 4.x, and 5... Read more

    • EPSS Score: %5.64
    • Published: Nov. 10, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-0080

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and ap... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %1.85
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0267

    Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) schdParams or (2) nameParams parameter, a different vulnerability than CVE-2011-0266.... Read more

    Affected Products : openview_network_node_manager
    • EPSS Score: %80.16
    • Published: Jan. 13, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-4213

    IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Fo... Read more

    • EPSS Score: %28.94
    • Published: Feb. 24, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-5134

    Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response."... Read more

    Affected Products : linux_kernel
    • EPSS Score: %2.82
    • Published: Nov. 18, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-4652

    Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary code via a (1) SSH or (2) TELNET connection.... Read more

    • EPSS Score: %11.12
    • Published: Aug. 01, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0478

    Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale point... Read more

    Affected Products : chrome chrome_os
    • EPSS Score: %2.52
    • Published: Jan. 14, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-7252

    libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors.... Read more

    Affected Products : phpmyadmin
    • EPSS Score: %3.14
    • Published: Jan. 19, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2017-7811

    Memory safety bugs were reported in Firefox 55. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 56.... Read more

    Affected Products : firefox
    • EPSS Score: %2.63
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-7827

    Memory safety bugs were reported in Firefox 56. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 57.... Read more

    Affected Products : firefox
    • EPSS Score: %2.65
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-0138

    servermgrd (Server Manager) in Apple Mac OS X 10.5.6 does not properly validate authentication credentials, which allows remote attackers to modify the system configuration.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %2.50
    • Published: Feb. 13, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-0815

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affe... Read more

    Affected Products : jre jdk
    • EPSS Score: %7.57
    • Published: Jun. 14, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0873

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, and 5.0 Update 29 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related ... Read more

    Affected Products : jre jdk
    • EPSS Score: %14.99
    • Published: Jun. 14, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2022-24884

    ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, ma... Read more

    Affected Products : fedora debian_linux ecdsautils
    • EPSS Score: %0.09
    • Published: May. 06, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-28900

    Insufficient Verification of Data Authenticity in Nagios Fusion 4.1.8 and earlier and Nagios XI 5.7.5 and earlier allows for Escalation of Privileges or Code Execution as root via vectors related to an untrusted update package to upgrade_to_latest.sh.... Read more

    Affected Products : nagios_xi fusion
    • EPSS Score: %0.47
    • Published: May. 24, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2022-20703

    Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization... Read more

    • Actively Exploited
    • EPSS Score: %3.60
    • Published: Feb. 10, 2022
    • Modified: Mar. 13, 2025

  • 10.0

    CRITICAL
    CVE-2022-20710

    Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization... Read more

    • EPSS Score: %1.73
    • Published: Feb. 10, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-4265

    Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %5.72
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2022-21874

    Windows Security Center API Remote Code Execution Vulnerability... Read more

    • EPSS Score: %3.29
    • Published: Jan. 11, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-2722

    Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttp... Read more

    • EPSS Score: %2.29
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291531 Results