Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2020-9576

    Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : magento
    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-9575

    Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .... Read more

    Affected Products : windows illustrator
    • Published: Jun. 25, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-9574

    Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .... Read more

    Affected Products : windows illustrator
    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-9573

    Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : windows illustrator
    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-9572

    Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : windows illustrator
    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-9571

    Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : windows illustrator
    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-9570

    Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .... Read more

    Affected Products : windows illustrator
    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2020-9558

    Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : windows bridge
    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-9557

    Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : windows bridge
    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2020-9553

    Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : windows bridge
    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-9552

    Adobe Bridge versions 10.0 have a heap-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : windows bridge
    • Published: Mar. 25, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-9551

    Adobe Bridge versions 10.0 have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : windows bridge
    • Published: Mar. 25, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2020-9550

    Rubetek SmartHome 2020 devices use unencrypted 433 MHz communication between controllers and beacons, allowing an attacker to sniff and spoof beacon requests remotely.... Read more

    Affected Products : smarthome_firmware smarthome
    • Published: Mar. 04, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-9549

    In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds write via a crafted PDF document.... Read more

    Affected Products : debian_linux pdfresurrect
    • Published: Mar. 02, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2020-9548

    FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).... Read more

    • Published: Mar. 02, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2020-9547

    FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap).... Read more

    • Published: Mar. 02, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2020-9546

    FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).... Read more

    • Published: Mar. 02, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2020-9545

    Pale Moon 28.x before 28.8.4 has a segmentation fault related to module scripting, as demonstrated by a Lacoste web site.... Read more

    Affected Products : pale_moon
    • Published: Mar. 02, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2020-9544

    An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices. The administrative interface doesn't perform authentication checks for a firmware-update POST request. Any attacker that can access the administrative interface can install firmware of their ... Read more

    • Published: Mar. 05, 2020
    • Modified: Nov. 21, 2024

  • 8.3

    HIGH
    CVE-2020-9543

    OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file syste... Read more

    Affected Products : manila
    • Published: Mar. 12, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 294853 Results