Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2019-10883

    Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center 10.0.x before 10.0.7 allow Command Injection.... Read more

    • EPSS Score: %51.88
    • Published: Jun. 03, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2010-3569

    Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE:... Read more

    Affected Products : jre sdk jdk
    • EPSS Score: %16.09
    • Published: Oct. 19, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-8459

    Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • EPSS Score: %20.52
    • Published: Dec. 10, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5123

    Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x th... Read more

    • Actively Exploited
    • EPSS Score: %45.20
    • Published: Jul. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5131

    Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrar... Read more

    • EPSS Score: %71.45
    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2010-3574

    Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the... Read more

    Affected Products : jre sdk jdk
    • EPSS Score: %8.47
    • Published: Oct. 19, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-0135

    IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 allows remote attackers to execute arbitrary code or cause a denial of service (integer truncation and application crash) via a crafted GIF image, aka SPR KLYH9T7NT9.... Read more

    Affected Products : lotus_domino domino
    • EPSS Score: %32.38
    • Published: Apr. 21, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2011-0364

    The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request.... Read more

    Affected Products : security_agent
    • EPSS Score: %15.54
    • Published: Feb. 19, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-1374

    Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on And... Read more

    • EPSS Score: %4.68
    • Published: Feb. 12, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-2703

    Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID fiel... Read more

    Affected Products : groupwise_messenger
    • EPSS Score: %70.77
    • Published: Jun. 13, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2014-0553

    Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK ... Read more

    • EPSS Score: %4.25
    • Published: Sep. 10, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-1682

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corrup... Read more

    • EPSS Score: %1.27
    • Published: Jun. 26, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-4151

    Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • EPSS Score: %19.38
    • Published: Aug. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2016-1989

    HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988.... Read more

    Affected Products : network_automation
    • EPSS Score: %13.50
    • Published: Mar. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2017-6326

    The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process.... Read more

    Affected Products : messaging_gateway message_gateway
    • EPSS Score: %70.46
    • Published: Jun. 26, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2012-0468

    The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors re... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %2.46
    • Published: Apr. 25, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-25226

    A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The web server of the affected devices contains a... Read more

    • EPSS Score: %0.82
    • Published: Jan. 12, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-1019

    The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and ... Read more

    Affected Products : php ubuntu_linux secure_linux openpkg
    • EPSS Score: %8.10
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2017-12229

    A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 through 16.5 could allow an unauthenticated, remote attacker to bypass authentication to the REST API of the web UI of the affected software. The vulnerability is... Read more

    Affected Products : ios_xe
    • EPSS Score: %9.26
    • Published: Sep. 29, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-0360

    Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more

    • EPSS Score: %4.16
    • Published: Apr. 14, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 292100 Results