Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2021-29203

    A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22. The vulnerability could be remotely exploited to bypass remote authentication le... Read more

    Affected Products : edgeline_infrastructure_manager
    • Published: May. 06, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-8248

    Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .... Read more

    Affected Products : macos windows illustrator_cc
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-2403

    Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote attackers to perform unauthorized actions as the administrative user via a link or IMG tag to YaBB.pl that specifies the desired action, id, and moda parameters.... Read more

    Affected Products : yabb
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2021-28481

    Microsoft Exchange Server Remote Code Execution Vulnerability... Read more

    Affected Products : exchange_server
    • Published: Apr. 13, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-2388

    rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user.... Read more

    Affected Products : aix
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2021-27104

    Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later.... Read more

    Affected Products : fta
    • Actively Exploited
    • Published: Feb. 16, 2021
    • Modified: Mar. 14, 2025

  • 10.0

    HIGH
    CVE-2019-7997

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos photoshop_cc windows
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7990

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos photoshop_cc windows
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7807

    Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful ex... Read more

    • Published: May. 22, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2005-0002

    poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered the old password correctly, which allows remote attackers to change passwords for arbitrary users.... Read more

    Affected Products : poppassd_pam
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2023-2909

    EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below.... Read more

    Affected Products : data_master adm
    • Published: May. 31, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-2289

    Microsoft Windows XP Explorer allows local users to execute arbitrary code via a system folder with a Desktop.ini file containing a .ShellClassInfo specifier with a CLSID value that is associated with an executable file.... Read more

    Affected Products : windows_xp
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2019-7103

    Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : windows shockwave_player
    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7094

    Adobe Photoshop CC 19.1.7 and earlier, and 20.0.2 and earlier have a heap corruption vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos photoshop_cc windows
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-2235

    Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text.... Read more

    Affected Products : moodle
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2019-7084

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code executi... Read more

    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7080

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a double free vulnerability. Successful exploitation could lead to arbitrary code execution .... Read more

    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-2236

    Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting.... Read more

    Affected Products : moodle
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2021-1602

    A vulnerability in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affec... Read more

    • Published: Aug. 04, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-1393

    Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configurati... Read more

    • Published: Feb. 24, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293508 Results