Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2020-3763

    Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to arbitrary file system wri... Read more

    • EPSS Score: %2.03
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-3794

    ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a file inclusion vulnerability. Successful exploitation could lead to arbitrary code execution of files located in the webroot or its subdirectory.... Read more

    Affected Products : coldfusion
    • EPSS Score: %21.11
    • Published: Mar. 25, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-3096

    Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the character code mapping module. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : digital_editions
    • EPSS Score: %7.85
    • Published: Jun. 20, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-3114

    An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of providing language- and region- or ... Read more

    • EPSS Score: %9.68
    • Published: Dec. 09, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2020-12651

    SecureCRT before 8.7.2 allows remote attackers to execute arbitrary code via an Integer Overflow and a Buffer Overflow because a banner can trigger a line number to CSI functions that exceeds INT_MAX.... Read more

    • EPSS Score: %8.49
    • Published: May. 15, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-5597

    Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allo... Read more

    • EPSS Score: %3.63
    • Published: Oct. 30, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-7975

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos photoshop_cc windows
    • EPSS Score: %27.47
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-5636

    Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer ... Read more

    Affected Products : python
    • EPSS Score: %66.94
    • Published: Sep. 02, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2010-1039

    Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to e... Read more

    Affected Products : aix hp-ux vios nfs\/oncplus irix
    • EPSS Score: %24.36
    • Published: May. 20, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1230

    Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web SQL Databases and clear the Strict Transport Security (STS) state, which has unspecified impact and attack vectors.... Read more

    Affected Products : chrome
    • EPSS Score: %0.30
    • Published: Apr. 01, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-1747

    A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the... Read more

    • EPSS Score: %2.59
    • Published: Mar. 24, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-14746

    Command Injection vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to run arbitrary commands on the NAS.... Read more

    Affected Products : qts
    • EPSS Score: %6.11
    • Published: Nov. 28, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-1867

    Unspecified vulnerability in Oracle Database Server 9.2.0.6 has unknown impact and attack vectors in the Advanced Replication component, aka Vuln# DB02.... Read more

    Affected Products : database_server
    • EPSS Score: %2.43
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-2137

    Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary c... Read more

    • EPSS Score: %8.39
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2016-0953

    Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-09... Read more

    Affected Products : photoshop_cc mac_os_x windows bridge_cc
    • EPSS Score: %17.55
    • Published: Feb. 10, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2010-2495

    The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service (NULL pointer der... Read more

    • EPSS Score: %1.49
    • Published: Sep. 08, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2016-6938

    Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary ... Read more

    • EPSS Score: %1.94
    • Published: Sep. 17, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1048

    Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary ... Read more

    • EPSS Score: %13.21
    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1050

    Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary ... Read more

    • EPSS Score: %8.71
    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2025-1744

    Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow.This issue affects radare2: before <5.9.9.... Read more

    Affected Products : radare2
    • Published: Feb. 28, 2025
    • Modified: Jul. 01, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 291712 Results