Latest CVE Feed
-
10.0
HIGHCVE-2011-2140
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a deni... Read more
- EPSS Score: %89.84
- Published: Aug. 10, 2011
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2011-2371
Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Arra... Read more
- EPSS Score: %87.00
- Published: Jun. 30, 2011
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2019-7762
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful ex... Read more
- EPSS Score: %2.07
- Published: May. 22, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-7791
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful ex... Read more
- EPSS Score: %2.07
- Published: May. 22, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-8001
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
- EPSS Score: %21.66
- Published: Aug. 26, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2021-27391
A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >=... Read more
Affected Products : apogee_mbc_\(ppc\)_\(p2_ethernet\)_firmware apogee_mec_\(ppc\)_\(p2_ethernet\)_firmware apogee_pxc_bacnet_automation_controller_firmware apogee_pxc_compact_\(p2_ethernet\)_firmware apogee_pxc_modular_\(bacnet\)_firmware apogee_pxc_modular_\(p2_ethernet\)_firmware talon_tc_compact_\(bacnet\)_firmware talon_tc_modular_\(bacnet\)_firmware apogee_mbc_\(ppc\)_\(p2_ethernet\) apogee_mec_\(ppc\)_\(p2_ethernet\) +6 more products- EPSS Score: %2.86
- Published: Sep. 14, 2021
- Modified: Apr. 23, 2025
-
10.0
HIGHCVE-2012-4160
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-... Read more
- EPSS Score: %19.38
- Published: Aug. 15, 2012
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2017-9772
Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code to be executed with raised privilege in binaries marked as setuid, by setting the CAML_CPLUGINS, CAML_NATIVE_CPLUGINS, or CAML_BYTE_CPLUGINS environment variab... Read more
- EPSS Score: %6.64
- Published: Jun. 23, 2017
- Modified: Apr. 20, 2025
-
10.0
CRITICALCVE-2024-1212
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution. ... Read more
Affected Products : loadmaster- Actively Exploited
- Published: Feb. 21, 2024
- Modified: Jan. 27, 2025
-
10.0
HIGHCVE-2022-30525
A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 ... Read more
Affected Products : usg20w-vpn_firmware usg_flex_100w_firmware usg_flex_200_firmware usg_flex_500_firmware usg_flex_50w_firmware usg_flex_700_firmware vpn100_firmware vpn1000_firmware vpn300_firmware vpn50_firmware +22 more products- Actively Exploited
- EPSS Score: %94.44
- Published: May. 12, 2022
- Modified: Mar. 13, 2025
-
10.0
HIGHCVE-2022-1660
The affected products are vulnerable of untrusted data due to deserialization without prior authorization/authentication, which may allow an attacker to remotely execute arbitrary code.... Read more
- EPSS Score: %0.51
- Published: Jun. 02, 2022
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-41277
Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (`admin->settings->maps->custom maps->add a map`) support and potential local file inclusion (including environment v... Read more
Affected Products : metabase- Actively Exploited
- EPSS Score: %94.40
- Published: Nov. 17, 2021
- Modified: Feb. 18, 2025
-
10.0
CRITICALCVE-2022-24816
JAI-EXT is an open-source project which aims to extend the Java Advanced Imaging (JAI) API. Programs allowing Jiffle script to be provided via network request can lead to a Remote Code Execution as the Jiffle script is compiled into Java code via Janino, ... Read more
Affected Products : jai-ext- Actively Exploited
- EPSS Score: %94.06
- Published: Apr. 13, 2022
- Modified: Feb. 18, 2025
-
10.0
HIGHCVE-2021-36745
A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentic... Read more
- EPSS Score: %18.72
- Published: Sep. 29, 2021
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-32495
Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service. ... Read more
Affected Products : radare2- EPSS Score: %0.26
- Published: Jul. 07, 2023
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2020-1953
Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Apache Commons Configuration versions 2.2, 2.3, 2.4, 2.5, 2.6 did not change the defa... Read more
- EPSS Score: %2.73
- Published: Mar. 13, 2020
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2019-8779
A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions. This issue is fixed in iOS 13.1.1 and iPadOS 13.1.1. Third party app extensions may not receive the correct sandbox restric... Read more
- EPSS Score: %0.52
- Published: Dec. 18, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-3929
The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP... Read more
- Actively Exploited
- EPSS Score: %93.99
- Published: Apr. 30, 2019
- Modified: Feb. 07, 2025
-
10.0
CRITICALCVE-2019-25136
A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox < 70.... Read more
Affected Products : firefox- EPSS Score: %0.32
- Published: Jun. 19, 2023
- Modified: Dec. 11, 2024
-
10.0
HIGHCVE-2018-11714
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /... Read more
- EPSS Score: %5.94
- Published: Jun. 04, 2018
- Modified: Nov. 21, 2024