Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2012-2049

    Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • EPSS Score: %31.22
    • Published: Aug. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2020-35633

    A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() store_sm_boundary_item() Edge_of.A specially crafted malf... Read more

    • EPSS Score: %0.18
    • Published: Aug. 30, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-3911

    Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka scheduler client) and (2) srvscheduler.exe (aka scheduler server) in BakBone NetVault Reporter 3.5 before Update4 allow remote attackers to execute arbitrary code via long filename argument... Read more

    Affected Products : netvault_reporter
    • EPSS Score: %19.74
    • Published: Jul. 30, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-2735

    Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-20... Read more

    Affected Products : acrobat acrobat_reader
    • EPSS Score: %18.88
    • Published: May. 16, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-4174

    Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4175, and CVE-2012-5273.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %5.24
    • Published: Oct. 23, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0072

    Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application ... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %3.13
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-5329

    Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption.... Read more

    • EPSS Score: %1.09
    • Published: Oct. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-5817

    Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to... Read more

    Affected Products : jdk jre jre jdk
    • EPSS Score: %9.94
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2019-9901

    Envoy 1.9.0 and before does not normalize HTTP URL paths. A remote attacker may craft a relative path, e.g., something/../admin, to bypass access control, e.g., a block on /admin. A backend server could then interpret the non-normalized path and provide a... Read more

    Affected Products : envoy
    • EPSS Score: %0.12
    • Published: Apr. 25, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-4584

    Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the p_mode variable.... Read more

    Affected Products : bitchx
    • EPSS Score: %4.63
    • Published: Aug. 29, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2015-5562

    Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging... Read more

    • EPSS Score: %65.90
    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2019-1620

    A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to upload arbitrary files on an affected device. The vulnerability is due to incorrect permission settings in... Read more

    • EPSS Score: %85.60
    • Published: Jun. 27, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-0650

    Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Andr... Read more

    • EPSS Score: %3.65
    • Published: Mar. 13, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0441

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, ... Read more

    Affected Products : jdk jre jre jdk
    • EPSS Score: %1.59
    • Published: Feb. 02, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-7037

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code ex... Read more

    • EPSS Score: %7.62
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-0615

    Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0617, and CV... Read more

    Affected Products : acrobat acrobat_reader
    • EPSS Score: %18.04
    • Published: Jan. 10, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2662

    Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message.... Read more

    Affected Products : groupwise
    • EPSS Score: %16.73
    • Published: Oct. 08, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-6112

    Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : wireshark
    • EPSS Score: %4.17
    • Published: Nov. 23, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2020-17407

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of aut... Read more

    Affected Products : bullet-lte_firmware bullet-lte
    • EPSS Score: %44.90
    • Published: Oct. 13, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-3120

    Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers... Read more

    • EPSS Score: %7.67
    • Published: Jul. 09, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 292100 Results