Latest CVE Feed
-
10.0
HIGHCVE-2020-28900
Insufficient Verification of Data Authenticity in Nagios Fusion 4.1.8 and earlier and Nagios XI 5.7.5 and earlier allows for Escalation of Privileges or Code Execution as root via vectors related to an untrusted update package to upgrade_to_latest.sh.... Read more
- EPSS Score: %0.47
- Published: May. 24, 2021
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2022-20703
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization... Read more
Affected Products : rv340_firmware rv340w_firmware rv345_firmware rv345p_firmware rv160_firmware rv160w_firmware rv260_firmware rv260p_firmware rv260w_firmware small_business_rv_series_router_firmware +9 more products- Actively Exploited
- EPSS Score: %3.60
- Published: Feb. 10, 2022
- Modified: Mar. 13, 2025
-
10.0
CRITICALCVE-2022-20710
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization... Read more
- EPSS Score: %1.73
- Published: Feb. 10, 2022
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2016-4265
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more
- EPSS Score: %5.72
- Published: Aug. 26, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2022-21874
Windows Security Center API Remote Code Execution Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_server windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_11_21h2 +6 more products- EPSS Score: %3.29
- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2015-2722
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttp... Read more
- EPSS Score: %2.29
- Published: Jul. 06, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2011-2140
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a deni... Read more
- EPSS Score: %89.84
- Published: Aug. 10, 2011
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2011-2371
Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Arra... Read more
- EPSS Score: %87.00
- Published: Jun. 30, 2011
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2019-7762
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful ex... Read more
- EPSS Score: %2.07
- Published: May. 22, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-7791
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful ex... Read more
- EPSS Score: %2.07
- Published: May. 22, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-8001
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
- EPSS Score: %21.66
- Published: Aug. 26, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2021-27391
A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >=... Read more
Affected Products : apogee_mbc_\(ppc\)_\(p2_ethernet\)_firmware apogee_mec_\(ppc\)_\(p2_ethernet\)_firmware apogee_pxc_bacnet_automation_controller_firmware apogee_pxc_compact_\(p2_ethernet\)_firmware apogee_pxc_modular_\(bacnet\)_firmware apogee_pxc_modular_\(p2_ethernet\)_firmware talon_tc_compact_\(bacnet\)_firmware talon_tc_modular_\(bacnet\)_firmware apogee_mbc_\(ppc\)_\(p2_ethernet\) apogee_mec_\(ppc\)_\(p2_ethernet\) +6 more products- EPSS Score: %2.86
- Published: Sep. 14, 2021
- Modified: Apr. 23, 2025
-
10.0
HIGHCVE-2012-4160
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-... Read more
- EPSS Score: %19.38
- Published: Aug. 15, 2012
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2017-9772
Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code to be executed with raised privilege in binaries marked as setuid, by setting the CAML_CPLUGINS, CAML_NATIVE_CPLUGINS, or CAML_BYTE_CPLUGINS environment variab... Read more
- EPSS Score: %6.64
- Published: Jun. 23, 2017
- Modified: Apr. 20, 2025
-
10.0
CRITICALCVE-2024-1212
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution. ... Read more
Affected Products : loadmaster- Actively Exploited
- Published: Feb. 21, 2024
- Modified: Jan. 27, 2025
-
10.0
HIGHCVE-2022-30525
A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 ... Read more
Affected Products : usg20w-vpn_firmware usg_flex_100w_firmware usg_flex_200_firmware usg_flex_500_firmware usg_flex_50w_firmware usg_flex_700_firmware vpn100_firmware vpn1000_firmware vpn300_firmware vpn50_firmware +22 more products- Actively Exploited
- EPSS Score: %94.44
- Published: May. 12, 2022
- Modified: Mar. 13, 2025
-
10.0
HIGHCVE-2022-1660
The affected products are vulnerable of untrusted data due to deserialization without prior authorization/authentication, which may allow an attacker to remotely execute arbitrary code.... Read more
- EPSS Score: %0.51
- Published: Jun. 02, 2022
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-41277
Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (`admin->settings->maps->custom maps->add a map`) support and potential local file inclusion (including environment v... Read more
Affected Products : metabase- Actively Exploited
- EPSS Score: %94.40
- Published: Nov. 17, 2021
- Modified: Feb. 18, 2025
-
10.0
CRITICALCVE-2022-24816
JAI-EXT is an open-source project which aims to extend the Java Advanced Imaging (JAI) API. Programs allowing Jiffle script to be provided via network request can lead to a Remote Code Execution as the Jiffle script is compiled into Java code via Janino, ... Read more
Affected Products : jai-ext- Actively Exploited
- EPSS Score: %94.06
- Published: Apr. 13, 2022
- Modified: Feb. 18, 2025
-
10.0
HIGHCVE-2021-36745
A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentic... Read more
- EPSS Score: %18.72
- Published: Sep. 29, 2021
- Modified: Nov. 21, 2024