Security Bulletins

Active threat advisories and known exploited vulnerabilities.

Pulled daily from the CISA Known Exploited Vulnerabilities catalog. Every entry has confirmed active exploitation in the wild. Last synced Jun 12, 2026.

1,619 total bulletins 1,619 critical or high severity Source: CISA KEV + NVD

All 1,619 Critical 1,619 High 0 Medium 0 Low 0 1,619 critical entries

Critical CVE-2019-5825 Google · Chromium V8 Added Jun 8, 2022

Google Chromium V8 Out-of-Bounds Write Vulnerability

Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2019-15271 Cisco · RV Series Routers Added Jun 8, 2022

Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability

A deserialization of untrusted data vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an attacker to execute code with root privileges.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2018-6065 Google · Chromium V8 Added Jun 8, 2022

Google Chromium V8 Integer Overflow Vulnerability

Google Chromium V8 Engine contains an integer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2018-4990 Adobe · Acrobat and Reader Added Jun 8, 2022

Adobe Acrobat and Reader Double Free Vulnerability

Adobe Acrobat and Reader have a double free vulnerability that could lead to remote code execution.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2018-17480 Google · Chromium V8 Added Jun 8, 2022

Google Chromium V8 Out-of-Bounds Write Vulnerability

Google Chromium V8 Engine contains out-of-bounds write vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2018-17463 Google · Chromium V8 Added Jun 8, 2022

Google Chromium V8 Remote Code Execution Vulnerability

Google Chromium V8 Engine contains an unspecified vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2017-6862 NETGEAR · Multiple Devices Added Jun 8, 2022

NETGEAR Multiple Devices Buffer Overflow Vulnerability

Multiple NETGEAR devices contain a buffer overflow vulnerability that allows for authentication bypass and remote code execution.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2017-5070 Google · Chromium V8 Added Jun 8, 2022

Google Chromium V8 Type Confusion Vulnerability

Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2017-5030 Google · Chromium V8 Added Jun 8, 2022

Google Chromium V8 Memory Corruption Vulnerability

Google Chromium V8 Engine contains a memory corruption vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2016-5198 Google · Chromium V8 Added Jun 8, 2022

Google Chromium V8 Out-of-Bounds Memory Vulnerability

Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to perform read/write operations, leading to code execution, via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2016-1646 Google · Chromium V8 Added Jun 8, 2022

Google Chromium V8 Out-of-Bounds Read Vulnerability

Google Chromium V8 Engine contains an out-of-bounds read vulnerability that allows a remote attacker to cause a denial of service or possibly have another unspecified impact via crafted JavaScript code. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2013-1331 Microsoft · Office Added Jun 8, 2022

Microsoft Office Buffer Overflow Vulnerability

Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via crafted PNG data in an Office document.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2012-5054 Adobe · Flash Player Added Jun 8, 2022

Adobe Flash Player Integer Overflow Vulnerability

Adobe Flash Player contains an integer overflow vulnerability that allows remote attackers to execute code via malformed arguments.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2012-4969 Microsoft · Internet Explorer Added Jun 8, 2022

Microsoft Internet Explorer Use-After-Free Vulnerability

Microsoft Internet Explorer contains a use-after-free vulnerability that allows remote attackers to execute code via a crafted web site.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2012-1889 Microsoft · XML Core Services Added Jun 8, 2022

Microsoft XML Core Services Memory Corruption Vulnerability

Microsoft XML Core Services contains a memory corruption vulnerability which could allow for remote code execution.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2012-0767 Adobe · Flash Player Added Jun 8, 2022

Adobe Flash Player Cross-Site Scripting (XSS) Vulnerability

Adobe Flash Player contains a XSS vulnerability that allows remote attackers to inject web script or HTML.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2012-0754 Adobe · Flash Player Added Jun 8, 2022

Adobe Flash Player Memory Corruption Vulnerability

Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2012-0151 Microsoft · Windows Added Jun 8, 2022

Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability

The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2011-2462 Adobe · Reader and Acrobat Added Jun 8, 2022

Adobe Reader and Acrobat Universal 3D Memory Corruption Vulnerability

The Universal 3D (U3D) component in Adobe Reader and Acrobat contains a memory corruption vulnerability which could allow remote attackers to execute code or cause denial-of-service (DoS).

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2011-0609 Adobe · Flash Player Added Jun 8, 2022

Adobe Flash Player Unspecified Vulnerability

Adobe Flash Player contains an unspecified vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2010-2883 Adobe · Acrobat and Reader Added Jun 8, 2022

Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability

Adobe Acrobat and Reader contain a stack-based buffer overflow vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2010-2572 Microsoft · PowerPoint Added Jun 8, 2022

Microsoft PowerPoint Buffer Overflow Vulnerability

Microsoft PowerPoint contains a buffer overflow vulnerability that alllows for remote code execution.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2010-1297 Adobe · Flash Player Added Jun 8, 2022

Adobe Flash Player Memory Corruption Vulnerability

Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2009-4324 Adobe · Acrobat and Reader Added Jun 8, 2022

Adobe Acrobat and Reader Use-After-Free Vulnerability

Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Critical CVE-2009-3953 Adobe · Acrobat and Reader Added Jun 8, 2022

Adobe Acrobat and Reader Universal 3D Remote Code Execution Vulnerability

Adobe Acrobat and Reader contains an array boundary issue in Universal 3D (U3D) support that could lead to remote code execution.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed

Need help prioritizing these vulnerabilities?

ThreatGrid can assess your environment and map active CVEs to your monitored assets.

Request Assessment TLINK PRO