Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2016-3644

    The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SE... Read more

    • Published: Jun. 30, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-3510

    Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a dif... Read more

    Affected Products : weblogic_server
    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2018-9476

    In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible use-after-free due to improper locking. This could lead to remote escalation of privilege in the Bluetooth service with no additional execution privileges needed. User interaction is not ne... Read more

    Affected Products : android
    • Published: Oct. 02, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2018-9416

    In sg_remove_scat of scsi/sg.c, there is a possible memory corruption due to an unusual root cause. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Dec. 05, 2024
    • Modified: Dec. 18, 2024

  • 10.0

    CRITICAL
    CVE-2023-41892

    Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector. Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fix... Read more

    Affected Products : craft_cms
    • Published: Sep. 13, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-1081

    Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1078

    Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1072

    Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1059

    Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary ... Read more

    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1049

    Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary ... Read more

    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2018-9311

    The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network.... Read more

    • Published: May. 31, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-0686

    Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.... Read more

    Affected Products : jdk jre
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2018-9284

    authentication.cgi on D-Link DIR-868L devices with Singapore StarHub firmware before v1.21SHCb03 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : singapore_starhub_firmware dir-868l
    • Published: Apr. 04, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-4510

    The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request containing a value that is larger than the number of objects transmitted, which... Read more

    Affected Products : edirectory
    • Published: Oct. 24, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-9318

    The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network.... Read more

    • Published: May. 31, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-9355

    In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. P... Read more

    Affected Products : android
    • Published: Nov. 06, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-8455

    Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to ... Read more

    • Published: Dec. 10, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2022-0543

    It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.... Read more

    Affected Products : ubuntu_linux debian_linux redis
    • Actively Exploited
    • Published: Feb. 18, 2022
    • Modified: Apr. 02, 2025

  • 10.0

    HIGH
    CVE-2015-8433

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler befor... Read more

    • Published: Dec. 10, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-8405

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler befor... Read more

    • Published: Dec. 10, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 292795 Results