Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2007-1959

    Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vectors, related to lack of the "'other half' of buffer overflow protection."... Read more

    Affected Products : tinymux
    • EPSS Score: %0.35
    • Published: Apr. 11, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1329

    Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are r... Read more

    Affected Products : ledgersmb sql-ledger
    • EPSS Score: %5.74
    • Published: Mar. 07, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0510

    Multiple buffer overflows in (1) graphs.c, (2) output.c, and (3) preserve.c in AWFFull 3.7.1 and earlier have unknown impact and attack vectors. NOTE: some of these details are obtained from third party information. NOTE: There may not be any attack vec... Read more

    Affected Products : awffull
    • EPSS Score: %1.04
    • Published: Jan. 26, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2025-20265

    A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.  This vulnerabilit... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 16, 2025
    • Vuln Type: Injection

  • 10.0

    HIGH
    CVE-2011-3651

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : firefox thunderbird
    • EPSS Score: %2.46
    • Published: Nov. 09, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3268

    Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483.... Read more

    Affected Products : php
    • EPSS Score: %9.31
    • Published: Aug. 25, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3122

    Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Media security."... Read more

    Affected Products : wordpress
    • EPSS Score: %1.39
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3106

    The WebSockets implementation in Google Chrome before 19.0.1084.52 does not properly handle use of SSL, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : chrome
    • EPSS Score: %7.27
    • Published: May. 24, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3101

    Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors. NOTE: see CVE-2012-3105 for the related MFSA 2012-34 issue in Mozilla products.... Read more

    Affected Products : linux_kernel chrome
    • EPSS Score: %1.74
    • Published: May. 16, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3003

    Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-o... Read more

    Affected Products : firefox seamonkey
    • EPSS Score: %1.51
    • Published: Sep. 29, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2997

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary c... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %2.98
    • Published: Sep. 29, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2992

    The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly e... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %3.92
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2985

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %2.98
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2738

    Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connect... Read more

    • EPSS Score: %11.33
    • Published: Sep. 19, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2344

    Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1866.... Read more

    Affected Products : storage_data_protector
    • EPSS Score: %27.67
    • Published: Jan. 04, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2451

    Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory ... Read more

    • EPSS Score: %1.77
    • Published: Nov. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2450

    Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap me... Read more

    • EPSS Score: %3.04
    • Published: Nov. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2448

    The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2446.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %5.76
    • Published: Nov. 08, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2422

    Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %9.87
    • Published: Aug. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2420

    Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %10.46
    • Published: Aug. 11, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 291824 Results