Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2015-3828

    The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (BOM), which allows remote attackers to execute arbitrary... Read more

    Affected Products : android
    • EPSS Score: %27.18
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2003-0033

    Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets.... Read more

    Affected Products : snort
    • EPSS Score: %51.59
    • Published: Mar. 07, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2012-3283

    Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1511.... Read more

    • EPSS Score: %27.67
    • Published: Feb. 06, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3274

    Stack-based buffer overflow in uam.exe in the User Access Manager (UAM) component in HP Intelligent Management Center (IMC) before 5.1 E0101P01 allows remote attackers to execute arbitrary code via vectors related to log data.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %73.43
    • Published: Dec. 06, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-15958

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • EPSS Score: %40.11
    • Published: Sep. 25, 2018
    • Modified: May. 06, 2025

  • 10.0

    HIGH
    CVE-2012-3202

    Multiple unspecified vulnerabilities in the Oracle JRockit component in Oracle Fusion Middleware 28.2.4 and earlier, and 27.7.3 and earlier, when using JDK/JRE 5 or 6, allow remote attackers to affect confidentiality, integrity, and availability via unkno... Read more

    Affected Products : jrockit jre jdk
    • EPSS Score: %3.52
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-15959

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • EPSS Score: %40.11
    • Published: Sep. 25, 2018
    • Modified: May. 06, 2025

  • 10.0

    HIGH
    CVE-2018-15982

    Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Actively Exploited
    • EPSS Score: %93.28
    • Published: Jan. 18, 2019
    • Modified: Feb. 13, 2025

  • 10.0

    HIGH
    CVE-2003-0030

    Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp_pty_checkusers, (2) xp_pty_insert, or (3) xp_pty_select... Read more

    Affected Products : secure.data
    • EPSS Score: %5.69
    • Published: Mar. 18, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2012-2785

    Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors, related to (1) "some subframes only encode some channels" or (2) a large order value.... Read more

    Affected Products : ffmpeg
    • EPSS Score: %0.76
    • Published: Sep. 10, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2782

    Unspecified vulnerability in the decode_slice_header function in libavcodec/h264.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to a "rejected resolution change."... Read more

    Affected Products : ffmpeg
    • EPSS Score: %0.83
    • Published: Sep. 10, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-15808

    POSIM EVO 15.13 for Windows includes hardcoded database credentials for the "root" database user. "root" access to POSIM EVO's database may result in a breach of confidentiality, integrity, or availability or allow for attackers to remotely execute code o... Read more

    Affected Products : evo
    • EPSS Score: %0.77
    • Published: Aug. 23, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-15890

    An issue was discovered in EthereumJ 1.8.2. There is Unsafe Deserialization in ois.readObject in mine/Ethash.java and decoder.readObject in crypto/ECKey.java. When a node syncs and mines a new block, arbitrary OS commands can be run on the server.... Read more

    Affected Products : ethereumj
    • EPSS Score: %0.78
    • Published: Jun. 20, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-2046

    Adobe Shockwave Player before 11.6.6.636 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2043, CVE-2012-2044, CVE-2012-2045, and CVE-2012-2047.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %9.19
    • Published: Aug. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2033

    Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, and CVE-2012-2032.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %25.79
    • Published: May. 09, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2012

    HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.... Read more

    • EPSS Score: %4.48
    • Published: Jun. 29, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-1853

    Stack-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Administrat... Read more

    Affected Products : windows_xp
    • EPSS Score: %62.06
    • Published: Aug. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-1852

    Heap-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Admi... Read more

    Affected Products : windows_xp
    • EPSS Score: %62.06
    • Published: Aug. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2004-2407

    Unknown vulnerability in phpGroupWare before 0.9.14.002 has unknown attack vectors and impact, related to a "security hole" in the Setup/Config functionality.... Read more

    Affected Products : phpgroupware
    • EPSS Score: %0.38
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2012-1166

    The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding, which launches a terminal window.... Read more

    Affected Products : ubuntu_linux ltsp_display_manager
    • EPSS Score: %4.37
    • Published: May. 21, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 292495 Results