Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2006-0979

    Unspecified vulnerability in the local weblog publisher in Nidelven IT Issue Dealer before 0.9.96 has unknown impact and attack vectors.... Read more

    Affected Products : issue_dealer
    • EPSS Score: %0.48
    • Published: Mar. 03, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1002

    NETGEAR WGT624 Wireless DSL router has a default account of super_username "Gearguy" and super_passwd "Geardog", which allows remote attackers to modify the configuration. NOTE: followup posts have suggested that this might not occur with all WGT624 rout... Read more

    Affected Products : wgt624
    • EPSS Score: %1.90
    • Published: Mar. 06, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1085

    admin.php in PHP-Stats 0.1.9.1 and earlier allows remote attackers to bypass authentication, gain administrator privileges, and execute arbitrary PHP code by modifying the option[admin_pass] parameter and setting the pass_cookie to the MD5 hash of the spe... Read more

    Affected Products : php-stats
    • EPSS Score: %3.34
    • Published: Mar. 09, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1123

    SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the memName parameter in a cookie.... Read more

    Affected Products : d2kblog
    • EPSS Score: %1.48
    • Published: Mar. 09, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1381

    Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe.... Read more

    Affected Products : officescan
    • EPSS Score: %0.38
    • Published: Mar. 24, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1604

    Unspecified vulnerability in Exponent CMS before 0.96.5 RC 1 has unknown impact and remote attack vectors related to variables that are not "typecasted."... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.37
    • Published: Apr. 04, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1770

    Multiple PHP remote file inclusion vulnerabilities in Azerbaijan Design & Development Group (AZDG) AzDGVote allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter in (1) vote.php, (2) view.php, (3) admin.php, and (4) admi... Read more

    Affected Products : azdgvote
    • EPSS Score: %4.00
    • Published: Apr. 13, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-3717

    Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unknown impact and attack vectors, aka Oracle Vuln# (1) APPS03 and (2) APPS04 for Oracle Application Object Library; and (3) APPS20 for Oracle XML Gateway.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %3.57
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-3715

    Unspecified vulnerability in Calendar for Oracle Collaboration Suite 10.1.2 has unknown impact and attack vectors, aka Oracle Vuln# OCS01.... Read more

    Affected Products : collaboration_suite
    • EPSS Score: %3.57
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-3724

    Unspecified vulnerability in JD Edwards HTML Server for Oracle OneWorld Tools EnterpriseOne Tools 8.95 and 8.96 has unknown impact and attack vectors, aka Oracle Vuln# JDE01.... Read more

    Affected Products : enterpriseone
    • EPSS Score: %3.57
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-4289

    Buffer overflow in Sony VAIO Media Server 2.x, 3.x, 4.x, and 5.x before 20060626 allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : vaio_media_server
    • EPSS Score: %30.33
    • Published: Aug. 22, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-4304

    Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly e... Read more

    Affected Products : freebsd netbsd openbsd
    • EPSS Score: %6.86
    • Published: Aug. 24, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-4831

    Unspecified vulnerability in IP over DNS is now easy (iodine) before 0.3.2 has unknown impact and attack vectors, related to "potential security problems."... Read more

    Affected Products : iodine iodine
    • EPSS Score: %0.46
    • Published: Sep. 15, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-5375

    Multiple unspecified vulnerabilities in PeopleTools component in Oracle PeopleSoft Enterprise 8.46 GA, 8.47 GA, 8.48 GA, 8.46.15, 8.47.09, and 8.48.03 have unknown impact and remote attack vectors, aka Vuln# (1) PSE01, (2) PSE02, and (3) PSE03.... Read more

    • EPSS Score: %0.96
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5558

    Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details ... Read more

    Affected Products : hp-ux
    • EPSS Score: %3.35
    • Published: Oct. 27, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5611

    Unspecified vulnerability in Toshiba Bluetooth Stack before 4.20.01 has unspecified impact and attack vectors, related to the 4.20.01(T) "Security fix." NOTE: due to the lack of details in the vendor advisory, it is not clear whether this issue is related... Read more

    Affected Products : bluetooth_stack
    • EPSS Score: %0.39
    • Published: Oct. 31, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5642

    Unspecified vulnerability in NmnLogger 1.0.0 and earlier has unknown impact and attack vectors related to configuration of mesasge drivers.... Read more

    Affected Products : nmnlogger
    • EPSS Score: %0.37
    • Published: Nov. 01, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5657

    Multiple off-by-one errors in src/text.c in Vilistextum before 2.6.9 have unknown impact and attack vectors.... Read more

    Affected Products : vilistextum
    • EPSS Score: %0.38
    • Published: Nov. 03, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5675

    Multiple unspecified vulnerabilities in Pentaho Business Intelligence (BI) Suite before 1.2 RC3 (1.2.0.470-RC3) have unknown impact and attack vectors, related to "MySQL Scripts need changes for security," possibly SQL injection vulnerabilities associated... Read more

    Affected Products : business_intelligence_suite
    • EPSS Score: %0.64
    • Published: Nov. 03, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5709

    Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon before 9.50 has unknown impact and attack vectors related to a "JavaScript exploit."... Read more

    Affected Products : mdaemon
    • EPSS Score: %0.45
    • Published: Nov. 04, 2006
    • Modified: Apr. 09, 2025
Showing 20 of 291824 Results