Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, by whether it is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2013-7350

    Multiple unspecified vulnerabilities in Check Point Security Gateway 80 R71.x before R71.45 (730159141) and R75.20.x before R75.20.4 and 600 and 1100 appliances R75.20.x before R75.20.42 have unknown impact and attack vectors related to "important securit...

    Affected Products : security_gateway
    • EPSS Score: 0.32%
    • Published: Apr. 01, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-2331

    The web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 has a default password, which makes it easier for remote attackers to obtain access via unspecified vectors....

    • EPSS Score: 0.40%
    • Published: Apr. 25, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-2428

    libAACdec/src/aacdec_drc.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly limit the number of threads, which allows remote attackers to execute arbitrary code or cause a de...

    Affected Products : android
    • EPSS Score: 1.22%
    • Published: May. 09, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2003-1496

    Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840....

    Affected Products : tru64
    • EPSS Score: 0.26%
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2005-3438

    Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 in Change Data Capture; (2) DB06 in Data Guard Logical Standby; (3) DB10 in Locale; (4) DB12 in Materializ...

    Affected Products : database_server
    • EPSS Score: 8.34%
    • Published: Nov. 02, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2005-3463

    Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46.03 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE03....

    Affected Products : peoplesoft_enterprise
    • EPSS Score: 3.84%
    • Published: Nov. 02, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2016-3877

    Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors....

    Affected Products : android
    • EPSS Score: 0.16%
    • Published: Sep. 11, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-4165

    The extension manager in Adobe Brackets before 1.7 allows attackers to have an unspecified impact via invalid input....

    Affected Products : brackets
    • EPSS Score: 6.15%
    • Published: Jun. 16, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2008-0374

    OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web Page 1.00 sends the configuration of the printer in cleartext, which allows remote attackers to obtain the administrative password by connecting to TCP port 5548 or 7777....

    Affected Products : c5510mfp_firmware c5510mfp
    • EPSS Score: 1.76%
    • Published: Jan. 22, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-0380

    Buffer overflow in the Digital Data Communications RtspVaPgCtrl ActiveX control (RtspVapgDecoder.dll 1.1.0.29) allows remote attackers to execute arbitrary code via a long MP4Prefix property....

    Affected Products : rtspvapgdecoder.dll
    • EPSS Score: 7.42%
    • Published: Jan. 22, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2016-5228

    Stack-based buffer overflow in the PlayMacro function in ObjectXMacro.ObjectXMacro in WdMacCtl.ocx in Micro Focus Rumba 9.x before 9.3 HF 11997 and 9.4.x before 9.4 HF 12815 allows remote attackers to execute arbitrary code via a long MacroName argument. ...

    Affected Products : rumba
    • EPSS Score: 33.71%
    • Published: Jul. 03, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2008-0640

    Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote attackers to execute arbitrary commands via unspecified RPC requests in conjun...

    Affected Products : ghost_solutions_suite
    • EPSS Score: 3.50%
    • Published: Feb. 08, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2016-6532

    DEXIS Imaging Suite 10 has a hardcoded password for the sa account, which allows remote attackers to obtain administrative access by entering this password in a DEXIS_DATA SQL Server session....

    Affected Products : imaging_suite
    • EPSS Score: 0.73%
    • Published: Sep. 24, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-7560

    The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 has a hardcoded rsync account, which allows remote attackers to read or write to arbitrary files via unspecified vectors....

    Affected Products : fortiwlc
    • EPSS Score: 2.56%
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2014-5503

    SQL injection vulnerability in the Guest Login Portal in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary SQL commands via the add_guest_user opcode....

    Affected Products : cyberoam_os
    • EPSS Score: 1.28%
    • Published: Oct. 07, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-2050

    D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors....

    Affected Products : dap-1320_firmware dap-1320
    • EPSS Score: 1.61%
    • Published: Feb. 23, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2008-3235

    Unspecified vulnerability in the PropFilePasswordEncoder utility in the Security component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 has unknown impact and attack vectors....

    Affected Products : websphere_application_server
    • EPSS Score: 0.98%
    • Published: Jul. 21, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2014-6433

    gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary files via the (1) a1 or (2) a2 parameter in a start action....

    Affected Products : gopro_hero_firmware gopro_hero
    • EPSS Score: 1.70%
    • Published: Oct. 07, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-2867

    A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system....

    Affected Products : comfortlink_ii_firmware
    • EPSS Score: 2.88%
    • Published: Jan. 06, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    HIGH
    CVE-2008-3242

    Heap-based buffer overflow in the PPMedia Class ActiveX control in PPMPlayer.dll in PPMate 2.3.1.93 allows remote attackers to execute arbitrary code via a long argument to the StartUrl method. NOTE: some of these details are obtained from third party in...

    Affected Products : ppmedia_class
    • EPSS Score: 23.96%
    • Published: Jul. 21, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 290940 Results