Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2009-3380

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via u... Read more

    Affected Products : firefox
    • EPSS Score: %3.35
    • Published: Oct. 29, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2019-18253

    An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior) outside the intended directory.... Read more

    Affected Products : relion_670_firmware relion_670
    • EPSS Score: %0.39
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-3739

    Multiple unspecified vulnerabilities on the Rockwell Automation AB Micrologix 1100 and 1400 controllers allow remote attackers to obtain privileged access or cause a denial of service (halt) via unknown vectors.... Read more

    • EPSS Score: %0.06
    • Published: Jan. 19, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-4000

    Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter.... Read more

    Affected Products : power_manager
    • EPSS Score: %31.58
    • Published: Jan. 20, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2016-3645

    Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 ... Read more

    • EPSS Score: %75.55
    • Published: Jun. 30, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2019-5021

    Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed usi... Read more

    • EPSS Score: %3.71
    • Published: May. 08, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-16462

    Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a buffer error vulnerability. Successful exploitation could lea... Read more

    • EPSS Score: %3.62
    • Published: Dec. 19, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7193

    This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. To fix the vulnerability, QNAP recommend updating QTS to their latest versions.... Read more

    Affected Products : qts
    • Actively Exploited
    • EPSS Score: %41.50
    • Published: Dec. 05, 2019
    • Modified: Feb. 13, 2025

  • 10.0

    HIGH
    CVE-2015-8402

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler befor... Read more

    • EPSS Score: %10.68
    • Published: Dec. 10, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-8413

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler befor... Read more

    • EPSS Score: %58.48
    • Published: Dec. 10, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-28901

    Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation or Code Execution as root via vectors related to corrupt component installation in cmd_subsys.php.... Read more

    Affected Products : fusion
    • EPSS Score: %1.32
    • Published: May. 24, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-0079

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x before 4.0.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to gfx/laye... Read more

    Affected Products : firefox
    • EPSS Score: %4.93
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0085

    Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via a crafted XUL document that dequeues the cu... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %2.45
    • Published: Jun. 30, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2019-3809

    A flaw was found in Moodle versions 3.1 to 3.1.15 and earlier unsupported versions. The mybackpack functionality allowed setting the URL of badges, when it should be restricted to the Mozilla Open Badges backpack URL. This resulted in the possibility of b... Read more

    Affected Products : moodle
    • EPSS Score: %0.24
    • Published: Mar. 25, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-3751

    Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .... Read more

    • EPSS Score: %4.38
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-5034

    Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vulnerability than CVE-2013-5031, CVE-2013-5032, and CVE-2013-5033.... Read more

    Affected Products : atmail
    • EPSS Score: %0.38
    • Published: Jan. 12, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2017-3061

    Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution.... Read more

    • EPSS Score: %53.86
    • Published: Apr. 12, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-3079

    Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the internal representation of raster data. Successful exploitation could lead to arbitrary code execution.... Read more

    • EPSS Score: %3.63
    • Published: Jun. 20, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2011-2998

    Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression.... Read more

    Affected Products : firefox
    • EPSS Score: %2.77
    • Published: Sep. 30, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-7025

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code executi... Read more

    • EPSS Score: %17.20
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292124 Results