Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2018-2815

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable... Read more

    • EPSS Score: %0.52
    • Published: Apr. 19, 2018
    • Modified: May. 06, 2025

  • 5.3

    MEDIUM
    CVE-2018-2798

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerabi... Read more

    • EPSS Score: %0.22
    • Published: Apr. 19, 2018
    • Modified: May. 06, 2025

  • 5.3

    MEDIUM
    CVE-2018-2796

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerab... Read more

    • EPSS Score: %0.52
    • Published: Apr. 19, 2018
    • Modified: May. 06, 2025

  • 3.1

    LOW
    CVE-2018-2790

    Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthent... Read more

    • EPSS Score: %0.27
    • Published: Apr. 19, 2018
    • Modified: May. 06, 2025

  • 7.5

    HIGH
    CVE-2018-2627

    Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where... Read more

    • EPSS Score: %0.37
    • Published: Jan. 18, 2018
    • Modified: May. 06, 2025

  • 7.5

    HIGH
    CVE-2018-18066

    snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.... Read more

    • EPSS Score: %0.59
    • Published: Oct. 08, 2018
    • Modified: May. 06, 2025

  • 10.0

    HIGH
    CVE-2018-15965

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • EPSS Score: %40.11
    • Published: Sep. 25, 2018
    • Modified: May. 06, 2025

  • 7.5

    HIGH
    CVE-2018-15964

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : coldfusion
    • EPSS Score: %10.65
    • Published: Sep. 25, 2018
    • Modified: May. 06, 2025

  • 5.3

    MEDIUM
    CVE-2018-15963

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary folder creation.... Read more

    Affected Products : coldfusion
    • EPSS Score: %6.20
    • Published: Sep. 25, 2018
    • Modified: May. 06, 2025

  • 5.3

    MEDIUM
    CVE-2018-15962

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a directory listing vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : coldfusion
    • EPSS Score: %2.30
    • Published: Sep. 25, 2018
    • Modified: May. 06, 2025

  • 10.0

    HIGH
    CVE-2018-15959

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • EPSS Score: %40.11
    • Published: Sep. 25, 2018
    • Modified: May. 06, 2025

  • 10.0

    HIGH
    CVE-2018-15958

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • EPSS Score: %40.11
    • Published: Sep. 25, 2018
    • Modified: May. 06, 2025

  • 10.0

    HIGH
    CVE-2018-15957

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • EPSS Score: %60.60
    • Published: Sep. 25, 2018
    • Modified: May. 06, 2025

  • 5.5

    MEDIUM
    CVE-2018-1002205

    DotNetZip.Semvered before 1.11.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.... Read more

    Affected Products : dotnetzip.semverd
    • EPSS Score: %0.52
    • Published: Jul. 25, 2018
    • Modified: May. 06, 2025

  • 6.1

    MEDIUM
    CVE-2018-1000874

    PHP cebe markdown parser version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in all distributed parsers allowing a malicious crafted script to be executed that can result in the lose of user data and sensitive user information. T... Read more

    Affected Products : markdown
    • EPSS Score: %0.22
    • Published: Dec. 20, 2018
    • Modified: May. 06, 2025

  • 8.8

    HIGH
    CVE-2017-9633

    An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in the Continental AG Infineon S-Gold 2 (PMB 8876) chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV vehicles, Infiniti ... Read more

    Affected Products : s-gold_2_pmb_8876
    • EPSS Score: %0.64
    • Published: Aug. 07, 2017
    • Modified: May. 06, 2025

  • 5.6

    MEDIUM
    CVE-2017-5715

    Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.... Read more

    • EPSS Score: %90.66
    • Published: Jan. 04, 2018
    • Modified: May. 06, 2025

  • 6.1

    MEDIUM
    CVE-2017-2285

    Cross-site scripting vulnerability in Simple Custom CSS and JS prior to version 3.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : simple_custom_css_and_js
    • EPSS Score: %0.53
    • Published: Aug. 02, 2017
    • Modified: May. 06, 2025

  • 9.3

    HIGH
    CVE-2017-16368

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability leads to a stack-based buffer overflow... Read more

    • EPSS Score: %18.40
    • Published: Dec. 09, 2017
    • Modified: May. 06, 2025

  • 10.0

    HIGH
    CVE-2017-14429

    The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allows unauthenticated remote code execution as root because /etc/services/INET/inet_ipv4.php mishandles shell me... Read more

    Affected Products : dir-850l_firmware dir-850l
    • EPSS Score: %3.41
    • Published: Sep. 13, 2017
    • Modified: May. 06, 2025
Showing 20 of 291401 Results