Latest CVE Feed

The following is the list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as CISA KEV List), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2009-1210

    Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obt...

    Affected Products : wireshark
    • EPSS Score: %34.47
    • Published: Apr. 01, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2020-3382

    A vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability exis...

    • EPSS Score: %13.06
    • Published: Jul. 31, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2015-5103

    Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbitrary ...

    • EPSS Score: %3.22
    • Published: Jul. 15, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-5122

    Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x...

    • Actively Exploited
    • EPSS Score: %92.38
    • Published: Jul. 14, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2007-6115

    Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors....

    Affected Products : wireshark
    • EPSS Score: %4.94
    • Published: Nov. 23, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2014-4151

    The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to create arbitrary files and execute arbitrary code via a crafted set_file request....

    • EPSS Score: %11.38
    • Published: Jun. 18, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-4208

    Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service...

    • EPSS Score: %15.08
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2008-0544

    Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted IFF ILBM file. NOTE: some of these ...

    Affected Products : sdl_image
    • EPSS Score: %8.67
    • Published: Feb. 01, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2005-3450

    Unspecified vulnerability in the HTTP Server in Oracle Application Server 1.0 up to 9.0.2.3 has unknown impact and attack vectors, as identified by Oracle Vuln# AS04....

    Affected Products : application_server
    • EPSS Score: %2.05
    • Published: Nov. 02, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2008-4212

    Unspecified vulnerability in rlogind in the rlogin component in Mac OS X 10.4.11 and 10.5.5 applies hosts.equiv entries to root despite what is stated in documentation, which might allow remote attackers to bypass intended access restrictions....

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.80
    • Published: Oct. 10, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2014-0524

    Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-...

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • EPSS Score: %8.68
    • Published: May. 14, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2007-1007

    Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_...

    • EPSS Score: %12.34
    • Published: Feb. 20, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-0288

    Multiple unspecified vulnerabilities in the Oracle Reports Developer component of Oracle Application Server 9.0.4.1 and E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) REP01 and (2) R...

    Affected Products : e-business_suite application_server
    • EPSS Score: %2.94
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2013-2810

    Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack....

    • EPSS Score: %3.02
    • Published: Dec. 08, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    CRITICAL
    CVE-2020-35634

    A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->boundary_entry_objects Sloop_of. A specially crafted...

    • EPSS Score: %0.18
    • Published: Aug. 30, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2007-2446

    Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_opt...

    Affected Products : samba
    • EPSS Score: %78.83
    • Published: May. 14, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2010-2901

    The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors....

    Affected Products : debian_linux chrome
    • EPSS Score: %1.55
    • Published: Jul. 28, 2010
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2009-0692

    Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask...

    Affected Products : dhcp
    • EPSS Score: %28.13
    • Published: Jul. 14, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2010-4452

    Unspecified vulnerability in the Deployment component in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentialit...

    Affected Products : jre jdk
    • EPSS Score: %87.78
    • Published: Feb. 17, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2015-0347

    Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ...

    • EPSS Score: %4.16
    • Published: Apr. 14, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291751 Results