Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2009-3999

    Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.... Read more

    Affected Products : power_manager
    • EPSS Score: %69.90
    • Published: Jan. 20, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-4009

    Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets.... Read more

    Affected Products : recursor
    • EPSS Score: %0.04
    • Published: Jan. 08, 2010
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2025-30065

    Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code Users are recommended to upgrade to version 1.15.1, which fixes the issue.... Read more

    Affected Products : parquet parquet_java
    • Published: Apr. 01, 2025
    • Modified: Jul. 28, 2025

  • 10.0

    CRITICAL
    CVE-2024-52046

    The ObjectSerializationDecoder in Apache MINA uses Java’s native deserialization protocol to process incoming serialized data but lacks the necessary security checks and defenses. This vulnerability allows attackers to exploit the deserialization process ... Read more

    Affected Products : mina
    • Published: Dec. 25, 2024
    • Modified: Feb. 12, 2025

  • 10.0

    HIGH
    CVE-2014-3412

    Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors.... Read more

    • EPSS Score: %1.94
    • Published: May. 20, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-7004

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %5.96
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-7013

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %2.24
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-0623

    Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-201... Read more

    Affected Products : acrobat acrobat_reader
    • EPSS Score: %10.66
    • Published: Jan. 10, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-3454

    Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to execute arbitrary code via long crafted requests, as demonstrated using a long session cookie to unspecified CGI pro... Read more

    Affected Products : officescan officescan
    • EPSS Score: %19.74
    • Published: Jun. 27, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3383

    Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : firefox
    • EPSS Score: %6.62
    • Published: Oct. 29, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2012-2026

    Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2023, CVE-2012-2024, and CVE-2012-2025.... Read more

    Affected Products : illustrator illustrator_cs5.5
    • EPSS Score: %25.02
    • Published: May. 09, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-0855

    The _mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path.... Read more

    Affected Products : pitivi
    • EPSS Score: %3.36
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2008-5092

    Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header.... Read more

    Affected Products : edirectory
    • EPSS Score: %0.23
    • Published: Nov. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-1680

    Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cau... Read more

    • EPSS Score: %3.18
    • Published: May. 16, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2399

    Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote attackers to inject arbitrary web script or HTML via the... Read more

    Affected Products : wordpress
    • EPSS Score: %6.78
    • Published: Apr. 21, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2016-8363

    An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Ser... Read more

    • EPSS Score: %0.28
    • Published: Feb. 13, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-1999-1011

    The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.... Read more

    • EPSS Score: %79.30
    • Published: Jul. 19, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2020-3805

    Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arb... Read more

    • EPSS Score: %31.84
    • Published: Mar. 25, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2017-14465

    An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in... Read more

    • EPSS Score: %36.95
    • Published: Apr. 05, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2023-28100

    Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4 contain a vulnerability similar to CVE-2017-5226, but using the `TIOCLINUX` ioctl command instead of ... Read more

    Affected Products : flatpak
    • EPSS Score: %0.69
    • Published: Mar. 16, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 292095 Results