Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2019-8070

    Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.... Read more

    • EPSS Score: %2.03
    • Published: Sep. 12, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-0209

    Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats t... Read more

    • EPSS Score: %78.54
    • Published: Nov. 03, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2019-8069

    Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.... Read more

    • EPSS Score: %3.43
    • Published: Sep. 12, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-0226

    Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.... Read more

    • EPSS Score: %1.18
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0185

    Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name.... Read more

    Affected Products : wu-ftpd
    • EPSS Score: %7.26
    • Published: Mar. 15, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0168

    Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging."... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %1.22
    • Published: Mar. 15, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0277

    Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the username.... Read more

    Affected Products : dream_ftp_server
    • EPSS Score: %8.07
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2019-8073

    ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. Successful exploitation could lead to Arbitrary code execution in the context of the current user.... Read more

    Affected Products : coldfusion
    • EPSS Score: %14.78
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-8060

    Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a command injection vulnerability. Successful... Read more

    • EPSS Score: %13.38
    • Published: Aug. 20, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-8049

    Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exp... Read more

    • EPSS Score: %41.50
    • Published: Aug. 20, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-0139

    Unknown vulnerability in the bsd.a kernel networking for SGI IRIX 6.5.22 through 6.5.25, and possibly earlier versions, in which "t_unbind changes t_bind's behavior," has unknown impact and attack vectors.... Read more

    Affected Products : irix
    • EPSS Score: %0.43
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0097

    Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.... Read more

    Affected Products : pwlib
    • EPSS Score: %27.04
    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0040

    Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet.... Read more

    Affected Products : vpn-1 firewall-1 vpn-1_firewall-1
    • EPSS Score: %25.88
    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2019-8001

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos photoshop_cc windows
    • EPSS Score: %21.66
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2010-4325

    Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code via a crafted TZID variable in a VCALENDAR message.... Read more

    Affected Products : groupwise
    • EPSS Score: %19.92
    • Published: Jan. 28, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2003-1603

    GE Healthcare Discovery VH has a default password of (1) interfile for the ftpclient user of the Interfile server or (2) "2" for the LOCAL user of the FTP server for the Codonics printer, which has unspecified impact and attack vectors.... Read more

    Affected Products : discovery_vh
    • EPSS Score: %0.62
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2019-7974

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos photoshop_cc windows
    • EPSS Score: %27.47
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2003-1595

    NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.... Read more

    Affected Products : netware netware_ftp_server
    • EPSS Score: %0.29
    • Published: Apr. 05, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-7969

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos photoshop_cc windows
    • EPSS Score: %27.47
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2003-1573

    The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequat... Read more

    Affected Products : j2ee
    • EPSS Score: %3.44
    • Published: Jun. 01, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 292508 Results