Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2006-0751

    Multiple unspecified vulnerabilities in the (1) Filesystem in USErspace (FUSE) client and (2) NOOFS daemon in in Network Object Oriented File System (NOOFS) before 0.9.0 have unspecified impact and attack vectors.... Read more

    • EPSS Score: %0.41
    • Published: Feb. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-2235

    Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text.... Read more

    Affected Products : moodle
    • EPSS Score: %0.38
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-2236

    Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting.... Read more

    Affected Products : moodle
    • EPSS Score: %0.38
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-19081

    An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to execute arbitrary OS commands via the IPv4Address field.... Read more

    • EPSS Score: %6.29
    • Published: Nov. 07, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-12048

    A remote attacker can bypass the Management Mode on the Canon LBP7110Cw web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs w... Read more

    Affected Products : lbp7110cw_firmware lbp7110cw
    • EPSS Score: %6.60
    • Published: Jun. 08, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-4489

    Directory traversal vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme_chosen parameter. NOTE: the provenance of this information is unknow... Read more

    Affected Products : atarone
    • EPSS Score: %0.30
    • Published: Oct. 08, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-19528

    TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service (Tlb Load Exception) via crafted DNS packets to port 53/udp.... Read more

    Affected Products : tl-wr886n_firmware tl-wr886n
    • EPSS Score: %2.51
    • Published: Nov. 26, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-3353

    Multiple unspecified vulnerabilities in the Node2Node module for Drupal have unknown impact and attack vectors.... Read more

    Affected Products : drupal node2node
    • EPSS Score: %0.39
    • Published: Sep. 24, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2018-12464

    A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database. This can be exploited to create a... Read more

    Affected Products : secure_messaging_gateway
    • EPSS Score: %73.19
    • Published: Jun. 29, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-3570

    Unspecified vulnerability in OpenOffice.org (OOo) has unspecified impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9. NOTE: as of 20091005, this disclosure has no actionable information. However, beca... Read more

    Affected Products : openoffice.org
    • EPSS Score: %0.36
    • Published: Oct. 06, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-13886

    Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile... Read more

    • EPSS Score: %0.38
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-13547

    Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecured function that allows anyone who can access the IP address to use the function without authentication.... Read more

    Affected Products : wise-paas\/rmm
    • EPSS Score: %0.29
    • Published: Oct. 31, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-18314

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, ... Read more

    • EPSS Score: %0.29
    • Published: Sep. 20, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-2256

    An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdrag... Read more

    • EPSS Score: %0.66
    • Published: Jun. 14, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-14052

    u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Musi... Read more

    • EPSS Score: %0.33
    • Published: Sep. 08, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-14083

    While parsing Service Descriptor Extended Attribute received as part of SDF frame, there is a possibility that incorrect length is specified in the attribute length field of extended SSI which can lead to integer underflow in Snapdragon Auto, Snapdragon C... Read more

    • EPSS Score: %0.40
    • Published: Mar. 05, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-25024

    OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_service parameter.... Read more

    Affected Products : openrepeater
    • EPSS Score: %43.08
    • Published: Feb. 19, 2021
    • Modified: Apr. 16, 2025

  • 10.0

    HIGH
    CVE-2019-14451

    RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration. When this is combined with CVE-2019-14450, an attacker can upload an "external command" configura... Read more

    Affected Products : repetier-server
    • EPSS Score: %3.75
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-3416

    All versions up to V81511329.1008 of ZTE ZXV10 B860A products are impacted by input validation vulnerability. Due to input validation, unauthorized users can take advantage of this vulnerability to control the user terminal system.... Read more

    Affected Products : zxv10_b860a_firmware zxv10_b860a
    • EPSS Score: %0.16
    • Published: Sep. 23, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-7792

    Corega CG-WLBARGS devices allow remote attackers to perform administrative operations via unspecified vectors.... Read more

    Affected Products : cg-wlbargs_firmware
    • EPSS Score: %3.03
    • Published: Dec. 30, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291617 Results