Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2012-2864

    Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, Cr-48, and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, allows remote attackers to execute arbitrary code via unspecified vectors that trigger an ... Read more

    • Published: Aug. 22, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-7103

    A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02.... Read more

    • Published: Sep. 27, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-2804

    Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors, related to "reallocation code" and the luma height and width.... Read more

    Affected Products : ffmpeg libav
    • Published: Sep. 10, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2798

    Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array write."... Read more

    Affected Products : ffmpeg libav
    • Published: Sep. 10, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2772

    Unspecified vulnerability in the ff_rv34_decode_frame function in libavcodec/rv34.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing with frame threading."... Read more

    Affected Products : ffmpeg libav
    • Published: Sep. 10, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2379

    Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and... Read more

    Affected Products : cxf
    • Published: Jan. 03, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2047

    Adobe Shockwave Player before 11.6.6.636 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2043, CVE-2012-2044, CVE-2012-2045, and CVE-2012-2046.... Read more

    Affected Products : shockwave_player
    • Published: Aug. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-7058

    Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web in... Read more

    Affected Products : aruba_clearpass_policy_manager
    • Published: Aug. 06, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-2032

    Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, and CVE-2012-2033.... Read more

    Affected Products : shockwave_player
    • Published: May. 09, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-1967

    Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execut... Read more

    • Published: Jul. 18, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2018-6968

    The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execut... Read more

    Affected Products : airwatch_agent
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-0774

    Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code via a crafted TrueType font.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Apr. 10, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-0772

    An unspecified ActiveX control in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228, and AIR before 3.2.0.2070, on Windows does not properly perform URL security domain checking, which allow attackers to execute arbitrary code or cause a ... Read more

    Affected Products : flash_player windows adobe_air
    • Published: Mar. 28, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-0768

    The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code... Read more

    • Published: Mar. 05, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-0763

    The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, ... Read more

    Affected Products : shockwave_player
    • Published: Feb. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2017-8859

    In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root.... Read more

    Affected Products : netbackup_appliance
    • Published: May. 09, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2012-0757

    The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0760, CVE-2012-0761, ... Read more

    Affected Products : shockwave_player
    • Published: Feb. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2023-39344

    social-media-skeleton is an uncompleted social media project. A SQL injection vulnerability in the project allows UNION based injections, which indirectly leads to remote code execution. Commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1 contains a fix for t... Read more

    Affected Products : social-media-skeleton
    • Published: Aug. 04, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-5001

    Stack-based buffer overflow in the CGenericScheduler::AddTask function in cmdHandlerRedAlertController.dll in CmdProcessor.exe in Trend Micro Control Manager 5.5 before Build 1613 allows remote attackers to execute arbitrary code via a crafted IPC packet ... Read more

    Affected Products : control_manager control_manager
    • Published: Dec. 25, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-6809

    NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to gain privilege on a target system.... Read more

    • Published: Mar. 06, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 292800 Results