Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2015-3271

    Apache Tika server (aka tika-server) in Apache Tika 1.9 might allow remote attackers to read arbitrary files via the HTTP fileUrl header.... Read more

    Affected Products : tika
    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-7892

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.... Read more

    • Actively Exploited
    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-7891

    Adobe RoboHelp version 2015.0.3 and earlier, RoboHelp 11 and earlier have an input validation issue that could be used in cross-site scripting attacks.... Read more

    Affected Products : windows robohelp
    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-7890

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy.... Read more

    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-7889

    Adobe Digital Editions versions 4.5.2 and earlier has an issue with parsing crafted XML entries that could lead to information disclosure.... Read more

    Affected Products : digital_editions
    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-7888

    Adobe Digital Editions versions 4.5.2 and earlier has an important vulnerability that could lead to memory address leak.... Read more

    Affected Products : digital_editions
    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-7887

    Adobe ColdFusion Builder versions 2016 update 2 and earlier, 3.0.3 and earlier have an important vulnerability that could lead to information disclosure.... Read more

    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-7886

    Adobe InDesign version 11.4.1 and earlier, Adobe InDesign Server 11.0.0 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos windows indesign indesign_server
    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-7885

    Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks.... Read more

    Affected Products : experience_manager
    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-7884

    Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks.... Read more

    Affected Products : experience_manager
    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-7883

    Adobe Experience Manager version 6.2 has an input validation issue in create Launch wizard that could be used in cross-site scripting attacks.... Read more

    Affected Products : experience_manager
    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-7882

    Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks.... Read more

    Affected Products : experience_manager
    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-7881

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-7880

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-7879

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code executio... Read more

    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-7878

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-7877

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-7876

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-7875

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-7874

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292801 Results