Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2018-1164

    This vulnerability allows remote attackers to cause a denial-of-service condition on vulnerable installations of ZyXEL P-870H-51 DSL Router 1.00(AWG.3)D5. Authentication is not required to exploit this vulnerability. The specific flaw exists within numero... Read more

    Affected Products : p-870h-51_firmware p-870h-51
    • EPSS Score: %29.79
    • Published: Feb. 21, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-2428

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ... Read more

    Affected Products : jdk jre javafx
    • EPSS Score: %3.53
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2555

    Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Ado... Read more

    • EPSS Score: %5.98
    • Published: Mar. 11, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-4176

    Array index error in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %5.08
    • Published: Oct. 23, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2021-22941

    Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise the storage zones controller.... Read more

    Affected Products : sharefile_storagezones_controller
    • Actively Exploited
    • EPSS Score: %88.62
    • Published: Sep. 23, 2021
    • Modified: Mar. 13, 2025

  • 10.0

    HIGH
    CVE-2011-3937

    The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact and att... Read more

    Affected Products : ffmpeg libav
    • EPSS Score: %0.69
    • Published: Jan. 05, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2018-14721

    FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.... Read more

    • EPSS Score: %4.55
    • Published: Jan. 02, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2010-1121

    Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving i... Read more

    Affected Products : firefox
    • EPSS Score: %5.54
    • Published: Mar. 25, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-5903

    The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5896.... Read more

    Affected Products : mac_os_x iphone_os watchos
    • EPSS Score: %2.02
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2010-4325

    Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code via a crafted TZID variable in a VCALENDAR message.... Read more

    Affected Products : groupwise
    • EPSS Score: %19.92
    • Published: Jan. 28, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-6532

    Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the "cliend id, program name and working directory in session management."... Read more

    Affected Products : xfce
    • EPSS Score: %3.09
    • Published: Jan. 09, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2014-3984

    Multiple unspecified vulnerabilities in Libav before 0.8.12 allow remote attackers to have unknown impact and vectors.... Read more

    Affected Products : libav
    • EPSS Score: %10.16
    • Published: Jun. 06, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-6988

    The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement.... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %11.01
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-12284

    cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check.... Read more

    Affected Products : ubuntu_linux debian_linux ffmpeg
    • EPSS Score: %5.13
    • Published: Apr. 28, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-1719

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %2.38
    • Published: Sep. 18, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2427

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ... Read more

    Affected Products : jdk jre javafx
    • EPSS Score: %1.26
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2006-3708

    Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, 10.1.2.0.2, and 10.1.2.1 has unknown impact and attack vectors, aka Oracle Vuln# AS03.... Read more

    Affected Products : application_server
    • EPSS Score: %4.23
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2012-0507

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via u... Read more

    • Actively Exploited
    • EPSS Score: %93.72
    • Published: Jun. 07, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2728

    Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.... Read more

    • EPSS Score: %4.00
    • Published: May. 16, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2730

    Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2733.... Read more

    Affected Products : acrobat acrobat_reader
    • EPSS Score: %80.57
    • Published: May. 16, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 292100 Results