Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2009-2271

    The Huawei D100 has (1) a certain default administrator password for the web interface, and does not force a password change; and has (2) a default password of admin for the admin account in the telnet interface; which makes it easier for remote attackers... Read more

    Affected Products : d100
    • EPSS Score: %0.34
    • Published: Jul. 01, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-10592

    Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU controllers R4.02 and prior, and FCN-500 controllers R4.02 and prior utilize hard-coded credentials that could allow an attacker to gain unauthorized administra... Read more

    • EPSS Score: %7.98
    • Published: Jul. 31, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-10682

    An issue was discovered in WildFly 10.1.2.Final. It is possible for an attacker to access the administration panel on TCP port 9990 without any authentication using "anonymous" access that is automatically created. Once logged in, a misconfiguration prese... Read more

    Affected Products : wildfly
    • EPSS Score: %8.37
    • Published: May. 09, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-0672

    Unspecified vulnerability in HP PSC 1210 All-in-One Drivers before 1.0.06 has unknown impact and attack vectors.... Read more

    Affected Products : psc_1210_all-in-one
    • EPSS Score: %0.31
    • Published: Feb. 13, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-18473

    A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV Series devices with firmware version 1.10 or earlier, and NBM Series devices with firmware version 1.09 or earlier allow attackers to enable an SSH daemon via t... Read more

    • EPSS Score: %7.00
    • Published: Mar. 21, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-0736

    Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    • EPSS Score: %28.47
    • Published: Feb. 27, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0751

    Multiple unspecified vulnerabilities in the (1) Filesystem in USErspace (FUSE) client and (2) NOOFS daemon in in Network Object Oriented File System (NOOFS) before 0.9.0 have unspecified impact and attack vectors.... Read more

    • EPSS Score: %0.41
    • Published: Feb. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-2235

    Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text.... Read more

    Affected Products : moodle
    • EPSS Score: %0.38
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-2236

    Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting.... Read more

    Affected Products : moodle
    • EPSS Score: %0.38
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-19081

    An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to execute arbitrary OS commands via the IPv4Address field.... Read more

    • EPSS Score: %6.29
    • Published: Nov. 07, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-12048

    A remote attacker can bypass the Management Mode on the Canon LBP7110Cw web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs w... Read more

    Affected Products : lbp7110cw_firmware lbp7110cw
    • EPSS Score: %6.60
    • Published: Jun. 08, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-4489

    Directory traversal vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme_chosen parameter. NOTE: the provenance of this information is unknow... Read more

    Affected Products : atarone
    • EPSS Score: %0.30
    • Published: Oct. 08, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-19528

    TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service (Tlb Load Exception) via crafted DNS packets to port 53/udp.... Read more

    Affected Products : tl-wr886n_firmware tl-wr886n
    • EPSS Score: %2.51
    • Published: Nov. 26, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-3353

    Multiple unspecified vulnerabilities in the Node2Node module for Drupal have unknown impact and attack vectors.... Read more

    Affected Products : drupal node2node
    • EPSS Score: %0.39
    • Published: Sep. 24, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2018-12464

    A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database. This can be exploited to create a... Read more

    Affected Products : secure_messaging_gateway
    • EPSS Score: %73.19
    • Published: Jun. 29, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-3570

    Unspecified vulnerability in OpenOffice.org (OOo) has unspecified impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9. NOTE: as of 20091005, this disclosure has no actionable information. However, beca... Read more

    Affected Products : openoffice.org
    • EPSS Score: %0.36
    • Published: Oct. 06, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-13886

    Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile... Read more

    • EPSS Score: %0.38
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-13547

    Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecured function that allows anyone who can access the IP address to use the function without authentication.... Read more

    Affected Products : wise-paas\/rmm
    • EPSS Score: %0.29
    • Published: Oct. 31, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-18314

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, ... Read more

    • EPSS Score: %0.29
    • Published: Sep. 20, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-2256

    An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdrag... Read more

    • EPSS Score: %0.66
    • Published: Jun. 14, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 290955 Results