Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2013-2420

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity,...

    Affected Products : jdk jre jre jdk
    • EPSS Score: %6.20
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2006-4485

    The stripos function in PHP before 5.1.5 has unknown impact and attack vectors related to an out-of-bounds read....

    Affected Products : php
    • EPSS Score: %1.56
    • Published: Aug. 31, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2015-8611

    BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 2000, 4000, 5000, 7000, and 10000 platforms do not properly sync passwords with the Always-On Management (AOM) subsystem, which might allow remote attackers ...

    • EPSS Score: %3.57
    • Published: Jan. 12, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2010-0508

    Mail in Apple Mac OS X before 10.6.3 does not disable the filter rules associated with a deleted mail account, which has unspecified impact and attack vectors....

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.35
    • Published: Mar. 30, 2010
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2014-1544

    Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execut...

    • EPSS Score: %3.22
    • Published: Jul. 23, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2007-6148

    Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requ...

    • EPSS Score: %21.65
    • Published: Feb. 13, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-1999-0238

    php.cgi allows attackers to read any file on the system....

    Affected Products : php
    • EPSS Score: %2.40
    • Published: Aug. 01, 1997
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2003-0432

    Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors....

    Affected Products : linux ethereal
    • EPSS Score: %0.55
    • Published: Jul. 24, 2003
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2012-2799

    Unspecified vulnerability in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the "put bit buffer when num_saved_bits is reset."...

    Affected Products : ffmpeg
    • EPSS Score: %0.76
    • Published: Sep. 10, 2012
    • Modified: Apr. 11, 2025
  • 10.0

    CRITICAL
    CVE-2025-39380

    Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System allows Upload a Web Shell to a Web Server. This issue affects Hospital Management System: from n/a through 47.0(20-11-2023)....

    Affected Products : hospital_management_system
    • Published: May. 19, 2025
    • Modified: May. 21, 2025
    • Vuln Type: Misconfiguration
  • 10.0

    CRITICAL
    CVE-2025-47916

    Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor controller (file: /applications/core/modules/front/system/themeeditor.php), where a protected method ...

    • Published: May. 16, 2025
    • Modified: Jun. 20, 2025
    • Vuln Type: Authentication
  • 10.0

    HIGH
    CVE-2025-6098

    A vulnerability was found in UTT 进取 750W up to 5.0. It has been classified as critical. This affects the function strcpy of the file /goform/setSysAdm of the component API. The manipulation of the argument passwd1 leads to buffer overflow. It is possible ...

    Affected Products :
    • Published: Jun. 16, 2025
    • Modified: Jun. 16, 2025
    • Vuln Type: Memory Corruption
  • 10.0

    HIGH
    CVE-2018-0375

    A vulnerability in the Cluster Manager of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to log in to an affected system using the root account, which has default, static user credentials. The vulnerability is due to the ...

    • EPSS Score: %1.90
    • Published: Jul. 18, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-22796

    Sysaid – Sysaid System Takeover - An attacker can bypass the authentication process by accessing /wmiwizard.jsp, then /ConcurrentLogin.jsp, and then clicking the login button, which redirects to /home.jsp without any authentication....

    Affected Products : sysaid
    • EPSS Score: %0.22
    • Published: May. 12, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2012-2023

    Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026....

    Affected Products : illustrator illustrator_cs5.5
    • EPSS Score: %25.02
    • Published: May. 09, 2012
    • Modified: Apr. 11, 2025
  • 10.0

    CRITICAL
    CVE-2025-29009

    Unrestricted Upload of File with Dangerous Type vulnerability in Webkul Medical Prescription Attachment Plugin for WooCommerce allows Upload a Web Shell to a Web Server. This issue affects Medical Prescription Attachment Plugin for WooCommerce: from n/a t...

    Affected Products :
    • Published: Jul. 16, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Misconfiguration
  • 10.0

    HIGH
    CVE-2019-11560

    A buffer overflow vulnerability in the streaming server provided by hisilicon in HI3516 models allows an unauthenticated attacker to remotely run arbitrary code by sending a special RTSP over HTTP packet. The vulnerability was found in many cameras using ...

    Affected Products : hi3516_firmware hi3516
    • EPSS Score: %0.72
    • Published: May. 07, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2016-7002

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service...

    • EPSS Score: %5.96
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2009-4633

    vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and trigger...

    Affected Products : ffmpeg
    • EPSS Score: %6.79
    • Published: Feb. 10, 2010
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2002-0796

    Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges....

    Affected Products : solaris sunos
    • EPSS Score: %2.57
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291751 Results