Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2007-6112

    Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : wireshark
    • EPSS Score: %4.17
    • Published: Nov. 23, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2020-17407

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of aut... Read more

    Affected Products : bullet-lte_firmware bullet-lte
    • EPSS Score: %44.90
    • Published: Oct. 13, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2024-11186

    On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-pre... Read more

    Affected Products : cloudvision_portal
    • Published: May. 08, 2025
    • Modified: May. 12, 2025
    • Vuln Type: Authorization

  • 10.0

    HIGH
    CVE-2009-4741

    Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unknown impact and attack vectors.... Read more

    Affected Products : windows skype
    • EPSS Score: %0.41
    • Published: Mar. 26, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-3120

    Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers... Read more

    • EPSS Score: %7.67
    • Published: Jul. 09, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2008-2799

    Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown ... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %8.43
    • Published: Jul. 07, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2012-5086

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ... Read more

    Affected Products : jdk jre jre jdk
    • EPSS Score: %7.29
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-6493

    The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMesh 7.1.0.x and earlier allows remote attackers to execute arbitrary code via a certain argument to the SetHandler method.... Read more

    Affected Products : imesh
    • EPSS Score: %8.08
    • Published: Dec. 20, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2012-5252

    Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.... Read more

    • EPSS Score: %7.89
    • Published: Oct. 09, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-5271

    Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.... Read more

    • EPSS Score: %8.10
    • Published: Oct. 09, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-5279

    Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.... Read more

    • EPSS Score: %3.72
    • Published: Nov. 07, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-6765

    Use-after-free vulnerability in content/browser/appcache/appcache_update_job.cc in Google Chrome before 47.0.2526.73 allows remote attackers to execute arbitrary code or cause a denial of service by leveraging the mishandling of AppCache update jobs.... Read more

    Affected Products : chrome
    • EPSS Score: %4.71
    • Published: Dec. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5584

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.... Read more

    • EPSS Score: %1.66
    • Published: Sep. 22, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2009-4634

    Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or (2... Read more

    Affected Products : ffmpeg
    • EPSS Score: %5.99
    • Published: Feb. 10, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-4643

    Stack-based buffer overflow in dsInstallerService.dll in the Juniper Installer Service, as used in Juniper Odyssey Access Client 4.72.11421.0 and other products, allows remote attackers to execute arbitrary code via a long string in a malformed DSSETUPSER... Read more

    Affected Products : odyssey_access_client
    • EPSS Score: %4.09
    • Published: Feb. 15, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-4637

    FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow.... Read more

    Affected Products : ffmpeg
    • EPSS Score: %33.81
    • Published: Feb. 10, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-4633

    vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and trigger... Read more

    Affected Products : ffmpeg
    • EPSS Score: %6.79
    • Published: Feb. 10, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-4660

    Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660.... Read more

    Affected Products : bigant_messenger
    • EPSS Score: %80.72
    • Published: Mar. 03, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-4594

    Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.131 for Domino 8.0.x has unknown impact and attack vectors, aka SPR SDOY7RHBNH.... Read more

    • EPSS Score: %0.43
    • Published: Jan. 09, 2010
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2012-5955

    Unspecified vulnerability in the IBM HTTP Server component 5.3 in IBM WebSphere Application Server (WAS) for z/OS allows remote attackers to execute arbitrary commands via unknown vectors.... Read more

    • EPSS Score: %4.70
    • Published: Dec. 20, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 292319 Results