Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    CRITICAL
    CVE-2025-46661

    IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because smartyValidator.php enables the attacker to provide template expressions, aka Server-Side Template-Injection. All instances have been patched by the Supplier.... Read more

    Affected Products : metazo
    • Published: Apr. 28, 2025
    • Modified: May. 12, 2025

  • 10.0

    HIGH
    CVE-2019-7964

    Adobe Experience Manager versions 6.5, and 6.4 have an authentication bypass vulnerability. Successful exploitation could lead to remote code execution.... Read more

    • EPSS Score: %44.28
    • Published: Aug. 16, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2005-3277

    The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters ("`" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the conn... Read more

    Affected Products : hp-ux
    • EPSS Score: %37.29
    • Published: Oct. 21, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-3442

    Multiple unspecified vulnerabilities in Oracle Database Server 8i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB09 in Export, (2) DB11 in Materialized Views, and (3) DB16 in Security Service.... Read more

    Affected Products : database_server
    • EPSS Score: %1.44
    • Published: Nov. 02, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-4325

    Multiple unspecified vulnerabilities in Driverse before 0.56b have unknown impact and attack vectors, related to (1) a "ptrace exploit" and (2) "some other potential security problems."... Read more

    Affected Products : driverse
    • EPSS Score: %0.52
    • Published: Dec. 17, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-1452

    Serendipity before 0.8 allows Chief users to "hide plugins installed by other users."... Read more

    Affected Products : serendipity
    • EPSS Score: %0.38
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2024-10442

    Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers to execute arbitrary code, potent... Read more

    Affected Products :
    • Published: Mar. 19, 2025
    • Modified: Mar. 19, 2025

  • 10.0

    HIGH
    CVE-1999-1237

    Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified... Read more

    Affected Products : http_server
    • EPSS Score: %0.42
    • Published: Jun. 06, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-1535

    Buffer overflow in AspUpload.dll in Persits Software AspUpload before 1.4.0.2 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument in the HTTP request.... Read more

    Affected Products : aspupload
    • EPSS Score: %1.81
    • Published: Jul. 20, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0128

    The Finger Server 0.82 allows remote attackers to execute commands via shell metacharacters.... Read more

    Affected Products : the_finger_server
    • EPSS Score: %4.29
    • Published: Feb. 04, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0425

    Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands.... Read more

    Affected Products : listserv
    • EPSS Score: %6.83
    • Published: May. 03, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-2206

    The MS-Logon authentication scheme in UltraVNC (aka Ultr@VNC) 1.0.1 uses weak encryption (XOR) for challenge/response, which allows remote attackers to gain privileges by sniffing and decrypting passwords.... Read more

    Affected Products : ultravnc
    • EPSS Score: %0.78
    • Published: May. 05, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0812

    The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ ta... Read more

    Affected Products : java_system_web_server
    • EPSS Score: %2.55
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1034

    Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability.... Read more

    Affected Products : windows_2000
    • EPSS Score: %15.43
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0028

    Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 and earlier allows remote attackers to execute arbitrary commands via a large number of " (quotation) characters.... Read more

    Affected Products : oops_proxy_server
    • EPSS Score: %6.94
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0171

    Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long GET request.... Read more

    Affected Products : slimserve
    • EPSS Score: %4.65
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0213

    Buffer overflow in pi program in PlanetIntra 2.5 allows remote attackers to execute arbitrary commands.... Read more

    Affected Products : planet_intra
    • EPSS Score: %2.60
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0269

    pam_ldap authentication module in Solaris 8 allows remote attackers to bypass authentication via a NULL password.... Read more

    Affected Products : sunos
    • EPSS Score: %0.61
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0552

    ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message.... Read more

    • EPSS Score: %3.34
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-1542

    RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.... Read more

    Affected Products : linux
    • EPSS Score: %2.32
    • Published: Oct. 04, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 290940 Results