Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2006-5269

    Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, probably related to an RPC interface.... Read more

    Affected Products : serverprotect serverprotect
    • EPSS Score: %25.62
    • Published: Nov. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2017-3089

    Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF imaging model. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : digital_editions
    • EPSS Score: %8.33
    • Published: Jun. 20, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2022-25448

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the day parameter in the openSchedWifi function.... Read more

    Affected Products : ac6_firmware ac6
    • EPSS Score: %0.39
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-5288

    Cisco 2700 Series Wireless Location Appliances before 2.1.34.0 have a default administrator username "root" and password "password," which allows remote attackers to obtain administrative privileges, aka Bug ID CSCsb92893.... Read more

    Affected Products : 2700_wireless_location_appliance
    • EPSS Score: %1.03
    • Published: Oct. 13, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2017-2637

    A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyo... Read more

    Affected Products : openstack
    • EPSS Score: %0.58
    • Published: Jul. 26, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-6092

    Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.... Read more

    Affected Products : ingate_firewall ingate_siparator
    • EPSS Score: %0.39
    • Published: Nov. 22, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5238

    Unspecified vulnerability in the file upload module in Blue Smiley Organizer before 4.45 has unknown impact and attack vectors.... Read more

    Affected Products : blue_smiley_organizer
    • EPSS Score: %0.38
    • Published: Oct. 12, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5171

    Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SU... Read more

    • EPSS Score: %28.16
    • Published: Jan. 16, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-4950

    Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, ... Read more

    Affected Products : ios
    • EPSS Score: %3.39
    • Published: Sep. 23, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-4936

    Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has unspecified impact and remote attack vectors.... Read more

    Affected Products : moodle
    • EPSS Score: %0.38
    • Published: Sep. 23, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2017-13846

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions before 8.40 allow remote attackers to cause a denial of service (application crash) or possibly have unspecifi... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %1.84
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-12337

    A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerabi... Read more

    • EPSS Score: %12.27
    • Published: Nov. 16, 2017
    • Modified: Jul. 31, 2025

  • 10.0

    HIGH
    CVE-2006-4831

    Unspecified vulnerability in IP over DNS is now easy (iodine) before 0.3.2 has unknown impact and attack vectors, related to "potential security problems."... Read more

    Affected Products : iodine iodine
    • EPSS Score: %0.46
    • Published: Sep. 15, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-4830

    Directory traversal vulnerability in EditBlogTemplatesPlugin.java in David Czarnecki Blojsom 2.30 allows remote attackers to have an unknown impact by sending an HTTP request with a certain value of blogTemplate.... Read more

    Affected Products : blojsom
    • EPSS Score: %1.67
    • Published: Sep. 15, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2022-32845

    This issue was addressed with improved checks. This issue is fixed in watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to break out of its sandbox.... Read more

    Affected Products : macos iphone_os watchos ipados
    • EPSS Score: %0.24
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 10.0

    HIGH
    CVE-2016-8519

    A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.... Read more

    Affected Products : operations_orchestration
    • EPSS Score: %59.31
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-7016

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %2.24
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-7012

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %2.24
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-6996

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %2.24
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-6978

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %2.51
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292318 Results