Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2019-8196

    Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation... Read more

    • EPSS Score: %29.78
    • Published: Oct. 17, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-0775

    Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not prop... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %6.58
    • Published: Mar. 05, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2019-7051

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitra... Read more

    • EPSS Score: %10.14
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-1523

    The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, and possibly other versions, has unknown impact and attack vectors related to improper use of BUG_ON.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.61
    • Published: Apr. 12, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2025-2857

    Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sand... Read more

    Affected Products : firefox firefox_esr
    • Published: Mar. 27, 2025
    • Modified: May. 01, 2025
    • Vuln Type: Authorization

  • 10.0

    HIGH
    CVE-2011-3521

    Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE, 7, 6 Update 27 and earlier, and 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confident... Read more

    Affected Products : jre jdk
    • EPSS Score: %5.86
    • Published: Oct. 19, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2006-2189

    SQL injection vulnerability in search.php in Servous sBLOG 0.7.2 allows remote attackers to execute arbitrary SQL commands via the keyword parameter. NOTE: this issue can be used to trigger path disclosure. In addition, it might be primary to vector 1 i... Read more

    Affected Products : sblog
    • EPSS Score: %1.05
    • Published: May. 04, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2014-7169

    GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment... Read more

    • Actively Exploited
    • EPSS Score: %90.11
    • Published: Sep. 25, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2012-5273

    Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4174, and CVE-2012-4175.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %3.71
    • Published: Oct. 23, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-5541

    Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execu... Read more

    • EPSS Score: %10.64
    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5551

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to exe... Read more

    • EPSS Score: %53.50
    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-1080

    The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote attackers to conduct directory traversal attacks, and consequently upload... Read more

    Affected Products : zenworks_configuration_management
    • EPSS Score: %72.92
    • Published: Mar. 29, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-1372

    Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and ... Read more

    • EPSS Score: %4.19
    • Published: Feb. 12, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-5574

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.... Read more

    • EPSS Score: %71.01
    • Published: Sep. 22, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2012-0467

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a de... Read more

    • EPSS Score: %2.91
    • Published: Apr. 25, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0428

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, ... Read more

    Affected Products : jdk jre jre jdk
    • EPSS Score: %1.82
    • Published: Feb. 02, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-6048

    IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.... Read more

    • EPSS Score: %0.76
    • Published: Nov. 20, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-0659

    The debugging feature on the Siemens CP 1604 and CP 1616 interface cards with firmware before 2.5.2 allows remote attackers to execute arbitrary code via a crafted packet to UDP port 17185.... Read more

    • EPSS Score: %2.10
    • Published: Apr. 01, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-1954

    Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to ... Read more

    • EPSS Score: %3.40
    • Published: Jul. 18, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-1972

    Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attac... Read more

    • EPSS Score: %3.30
    • Published: Aug. 29, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 292124 Results