Latest CVE Feed
-
8.8
HIGHCVE-2022-26730
A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted image may lead to arbitrary code execution.... Read more
Affected Products : macos- EPSS Score: %0.64
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
8.8
HIGHCVE-2022-26719
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execut... Read more
- EPSS Score: %0.13
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
8.8
HIGHCVE-2022-26717
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lea... Read more
- EPSS Score: %0.44
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
8.8
HIGHCVE-2022-26716
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execut... Read more
- EPSS Score: %0.14
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
5.7
MEDIUMCVE-2022-23738
An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to access private repository files through a public repository. To exploit this, an actor would need to already be authorized on the GitHub E... Read more
Affected Products : enterprise_server- EPSS Score: %0.09
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
6.5
MEDIUMCVE-2022-22658
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 16.0.3. Processing a maliciously crafted email message may lead to a denial-of-service.... Read more
Affected Products : iphone_os- EPSS Score: %0.15
- Published: Nov. 01, 2022
- Modified: May. 06, 2025
-
9.8
CRITICALCVE-2018-6333
The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and other content inside of the editor's context, which could potentially be c... Read more
Affected Products : nuclide- EPSS Score: %1.12
- Published: Dec. 31, 2018
- Modified: May. 06, 2025
-
7.5
HIGHCVE-2018-4942
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Unsafe XML External Entity Processing vulnerability. Successful exploitation could lead to information disclosure.... Read more
Affected Products : coldfusion- EPSS Score: %0.90
- Published: May. 19, 2018
- Modified: May. 06, 2025
-
7.8
HIGHCVE-2018-4938
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Insecure Library Loading vulnerability. Successful exploitation could lead to local privilege escalation.... Read more
Affected Products : coldfusion- EPSS Score: %0.20
- Published: May. 19, 2018
- Modified: May. 06, 2025
-
8.3
HIGHCVE-2018-2826
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to com... Read more
- EPSS Score: %3.00
- Published: Apr. 19, 2018
- Modified: May. 06, 2025
-
8.3
HIGHCVE-2018-2825
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to com... Read more
- EPSS Score: %1.13
- Published: Apr. 19, 2018
- Modified: May. 06, 2025
-
5.3
MEDIUMCVE-2018-2815
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable... Read more
- EPSS Score: %0.52
- Published: Apr. 19, 2018
- Modified: May. 06, 2025
-
5.3
MEDIUMCVE-2018-2798
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerabi... Read more
- EPSS Score: %0.22
- Published: Apr. 19, 2018
- Modified: May. 06, 2025
-
5.3
MEDIUMCVE-2018-2796
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerab... Read more
- EPSS Score: %0.52
- Published: Apr. 19, 2018
- Modified: May. 06, 2025
-
3.1
LOWCVE-2018-2790
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthent... Read more
- EPSS Score: %0.27
- Published: Apr. 19, 2018
- Modified: May. 06, 2025
-
7.5
HIGHCVE-2018-2627
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where... Read more
- EPSS Score: %0.37
- Published: Jan. 18, 2018
- Modified: May. 06, 2025
-
7.5
HIGHCVE-2018-18066
snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.... Read more
- EPSS Score: %0.59
- Published: Oct. 08, 2018
- Modified: May. 06, 2025
-
10.0
HIGHCVE-2018-15965
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : coldfusion- EPSS Score: %40.11
- Published: Sep. 25, 2018
- Modified: May. 06, 2025
-
7.5
HIGHCVE-2018-15964
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to information disclosure.... Read more
Affected Products : coldfusion- EPSS Score: %10.65
- Published: Sep. 25, 2018
- Modified: May. 06, 2025
-
5.3
MEDIUMCVE-2018-15963
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary folder creation.... Read more
Affected Products : coldfusion- EPSS Score: %6.20
- Published: Sep. 25, 2018
- Modified: May. 06, 2025