Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2013-0230

    Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.... Read more

    Affected Products : miniupnpd
    • Published: Jan. 31, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0073

    The Windows Forms (aka WinForms) component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly restrict the privileges of a callback function during object creation, which allows remote attackers to execute arbitrary code via (1)... Read more

    • Published: Feb. 13, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-6601

    The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified vectors, aka Ref ID 36983.... Read more

    Affected Products : pan-os
    • Published: Aug. 31, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-6592

    Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 31091.... Read more

    Affected Products : pan-os
    • Published: Aug. 31, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-6429

    Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument.... Read more

    Affected Products : kies
    • Published: Apr. 04, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2018-16167

    LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.... Read more

    Affected Products : logontracer
    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-4876

    Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the OpenFileDlg method.... Read more

    • Published: Sep. 06, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-4577

    The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative a... Read more

    Affected Products : jetport
    • Published: Aug. 21, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-4145

    Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, has unknown impact and attack vectors, related to a "low severity issue."... Read more

    • Published: Aug. 06, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-16037

    Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a... Read more

    • Published: Jan. 18, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-15981

    Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Nov. 29, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-3828

    The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (BOM), which allows remote attackers to execute arbitrary... Read more

    Affected Products : android
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2003-0033

    Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets.... Read more

    Affected Products : snort
    • Published: Mar. 07, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2012-3283

    Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1511.... Read more

    • Published: Feb. 06, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3274

    Stack-based buffer overflow in uam.exe in the User Access Manager (UAM) component in HP Intelligent Management Center (IMC) before 5.1 E0101P01 allows remote attackers to execute arbitrary code via vectors related to log data.... Read more

    Affected Products : intelligent_management_center
    • Published: Dec. 06, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-15958

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • Published: Sep. 25, 2018
    • Modified: May. 06, 2025

  • 10.0

    HIGH
    CVE-2012-3202

    Multiple unspecified vulnerabilities in the Oracle JRockit component in Oracle Fusion Middleware 28.2.4 and earlier, and 27.7.3 and earlier, when using JDK/JRE 5 or 6, allow remote attackers to affect confidentiality, integrity, and availability via unkno... Read more

    Affected Products : jrockit jre jdk
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-15959

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • Published: Sep. 25, 2018
    • Modified: May. 06, 2025

  • 10.0

    HIGH
    CVE-2018-15982

    Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Actively Exploited
    • Published: Jan. 18, 2019
    • Modified: Feb. 13, 2025

  • 10.0

    HIGH
    CVE-2003-0030

    Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp_pty_checkusers, (2) xp_pty_insert, or (3) xp_pty_select... Read more

    Affected Products : secure.data
    • Published: Mar. 18, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293344 Results