Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2020-25226

    A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The web server of the affected devices contains a... Read more

    • EPSS Score: %0.82
    • Published: Jan. 12, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-1019

    The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and ... Read more

    Affected Products : php ubuntu_linux secure_linux openpkg
    • EPSS Score: %8.10
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2017-12229

    A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 through 16.5 could allow an unauthenticated, remote attacker to bypass authentication to the REST API of the web UI of the affected software. The vulnerability is... Read more

    Affected Products : ios_xe
    • EPSS Score: %9.26
    • Published: Sep. 29, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-0360

    Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more

    • EPSS Score: %4.16
    • Published: Apr. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-2470

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and a... Read more

    Affected Products : jdk jre jre jdk
    • EPSS Score: %54.41
    • Published: Jun. 18, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-1545

    Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.... Read more

    Affected Products : netscape_portable_runtime
    • EPSS Score: %3.60
    • Published: Jun. 11, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-2751

    Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the "fo... Read more

    Affected Products : raidiator
    • EPSS Score: %83.49
    • Published: Dec. 12, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2004-0507

    Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.... Read more

    Affected Products : ethereal propack
    • EPSS Score: %3.02
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2016-8717

    An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged (root) account with hard-coded credentials, giving attacke... Read more

    Affected Products : awk-3131a_firmware awk-3131a
    • EPSS Score: %0.37
    • Published: Apr. 02, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-3339

    Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-20... Read more

    Affected Products : acrobat acrobat_reader
    • EPSS Score: %18.88
    • Published: May. 16, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2020-1472

    An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability coul... Read more

    • Actively Exploited
    • EPSS Score: %94.45
    • Published: Aug. 17, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-5257

    Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adob... Read more

    • EPSS Score: %6.41
    • Published: Oct. 09, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-1682

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerabili... Read more

    Affected Products : jdk jre
    • EPSS Score: %2.93
    • Published: Aug. 30, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0692

    The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary code by connecting t... Read more

    • EPSS Score: %4.11
    • Published: Oct. 03, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5830

    Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confident... Read more

    • EPSS Score: %14.28
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2016-0788

    The remoting module in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to execute arbitrary code by opening a JRMP listener.... Read more

    Affected Products : openshift jenkins
    • EPSS Score: %37.43
    • Published: Apr. 07, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-6792

    The MIDI subsystem in Google Chrome before 47.0.2526.106 does not properly handle the sending of data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to midi_manage... Read more

    Affected Products : chrome
    • EPSS Score: %19.70
    • Published: Dec. 24, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2011-0384

    The Java Servlet framework on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code ... Read more

    • EPSS Score: %5.71
    • Published: Feb. 25, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2005-3524

    Buffer overflow in the SSL-ready version of linux-ftpd (linux-ftpd-ssl) 0.17 allows remote attackers to execute arbitrary code by creating a long directory name, then executing the XPWD command.... Read more

    Affected Products : linux-ftpd-ssl
    • EPSS Score: %25.48
    • Published: Nov. 07, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-4272

    Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal.... Read more

    Affected Products : aix
    • EPSS Score: %31.44
    • Published: Dec. 15, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291601 Results