Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2015-7630

    Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute a... Read more

    • EPSS Score: %20.93
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-7622

    Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary ... Read more

    • EPSS Score: %19.69
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-7221

    Buffer overflow in the nsDeque::GrowCapacity function in xpcom/glue/nsDeque.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a deque size change.... Read more

    Affected Products : firefox fedora leap opensuse
    • EPSS Score: %1.70
    • Published: Dec. 16, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-7203

    Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted fo... Read more

    Affected Products : firefox fedora leap opensuse
    • EPSS Score: %1.66
    • Published: Dec. 16, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2018-9245

    The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system.... Read more

    Affected Products : ipecs_nms
    • EPSS Score: %13.06
    • Published: Apr. 22, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-4465

    Microsoft Terminal Server, when running an application session with the "Start program at logon" and "Override settings from user profile and Client Connection Manager wizard" options, allows local users to execute arbitrary code by forcing an Explorer er... Read more

    Affected Products : terminal_server
    • EPSS Score: %26.53
    • Published: Aug. 31, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2021-42392

    The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. ... Read more

    • EPSS Score: %91.35
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-5580

    Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute a... Read more

    • EPSS Score: %4.30
    • Published: Sep. 22, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5546

    Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a de... Read more

    • EPSS Score: %52.58
    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5544

    Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a de... Read more

    • EPSS Score: %52.58
    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5125

    Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service (vector-le... Read more

    • EPSS Score: %5.28
    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5117

    Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler b... Read more

    • EPSS Score: %13.60
    • Published: Jul. 09, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2018-8869

    In Lantech IDS 2102 2.0 and prior, nearly all input fields allow for arbitrary input on the device. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).... Read more

    Affected Products : ids_2102_firmware ids_2102
    • EPSS Score: %0.65
    • Published: May. 04, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-5101

    Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow... Read more

    • EPSS Score: %3.60
    • Published: Jul. 15, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-4881

    Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835.... Read more

    Affected Products : jdk jre
    • EPSS Score: %7.29
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-4843

    Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.... Read more

    Affected Products : jdk jre
    • EPSS Score: %22.06
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-4485

    Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data.... Read more

    • EPSS Score: %7.88
    • Published: Aug. 16, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2018-8739

    VPN Unlimited 4.2.0 for macOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root.... Read more

    Affected Products : vpn_unlimited
    • EPSS Score: %0.47
    • Published: Mar. 16, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-3137

    Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler b... Read more

    • EPSS Score: %68.03
    • Published: Jul. 09, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-3133

    Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers... Read more

    • EPSS Score: %7.33
    • Published: Jul. 09, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 292316 Results