Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2019-12986

    Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6).... Read more

    Affected Products : netscaler_sd-wan sd-wan
    • EPSS Score: %92.25
    • Published: Jul. 16, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-12985

    Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6).... Read more

    Affected Products : netscaler_sd-wan sd-wan
    • EPSS Score: %92.41
    • Published: Jul. 16, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-12929

    The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This h... Read more

    Affected Products : qemu
    • EPSS Score: %3.42
    • Published: Jun. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2019-12643

    A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on the managed Cisco IOS XE device. The vulnerability is due to an improper check performed ... Read more

    • EPSS Score: %16.92
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2010-4713

    Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header.... Read more

    Affected Products : groupwise
    • EPSS Score: %13.55
    • Published: Jan. 31, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-11683

    udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload,... Read more

    Affected Products : linux_kernel ubuntu_linux
    • EPSS Score: %21.75
    • Published: May. 02, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-0586

    A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.... Read more

    Affected Products : exchange_server
    • EPSS Score: %20.84
    • Published: Jan. 08, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2019-0007

    The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method o... Read more

    Affected Products : junos mx10 mx104 mx2010 mx2020 mx240 mx40 mx480 mx80 mx960 +7 more products
    • EPSS Score: %0.50
    • Published: Jan. 15, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-7114

    HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %64.69
    • Published: Dec. 03, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-4924

    Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command Injection vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.... Read more

    Affected Products : windows dreamweaver
    • EPSS Score: %27.80
    • Published: May. 19, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-4286

    Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.72
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-4254

    In macOS High Sierra before 10.13.5, an input validation issue existed in the kernel. This issue was addressed with improved input validation.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.44
    • Published: Jan. 11, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2018-4229

    An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Grand Central Dispatch" component. It allows attackers to bypass a sandbox protection mechanism by leveraging the misparsing of entitlement plists... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.77
    • Published: Jun. 08, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2018-18843

    The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4.4 has SSRF.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.25
    • Published: Dec. 04, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-15959

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • EPSS Score: %40.11
    • Published: Sep. 25, 2018
    • Modified: May. 06, 2025

  • 10.0

    HIGH
    CVE-2018-15958

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • EPSS Score: %40.11
    • Published: Sep. 25, 2018
    • Modified: May. 06, 2025

  • 10.0

    HIGH
    CVE-2018-15957

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • EPSS Score: %60.60
    • Published: Sep. 25, 2018
    • Modified: May. 06, 2025

  • 10.0

    HIGH
    CVE-2018-15427

    A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco Connected Safety and Security Unified Computing System (UCS) platforms could allow an unauthenticated, remote attacker to log in to an affected system by using the... Read more

    • EPSS Score: %14.45
    • Published: Oct. 05, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-14558

    An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows a... Read more

    • Actively Exploited
    • EPSS Score: %81.99
    • Published: Oct. 30, 2018
    • Modified: Mar. 20, 2025

  • 10.0

    HIGH
    CVE-2018-14007

    Citrix XenServer 7.1 and newer allows Directory Traversal.... Read more

    Affected Products : xenserver
    • EPSS Score: %4.53
    • Published: Aug. 15, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291526 Results