Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2008-5106

    Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to an arbitrary command, which triggers the overflow when the SamyFtp.binlog log... Read more

    Affected Products : sami_ftp_server
    • EPSS Score: %2.82
    • Published: Nov. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0074

    Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a folder read operation over RPC.... Read more

    Affected Products : serverprotect serverprotect
    • EPSS Score: %29.46
    • Published: Nov. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5159

    Integer overflow in the remote administration protocol processing in Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to cause a denial of service (crash) via a large string length argument, which triggers memory corruption.... Read more

    Affected Products : wincome_mpd_total
    • EPSS Score: %74.97
    • Published: Nov. 18, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5334

    PHP remote file inclusion vulnerability in includes/common.php in NitroTech 0.0.3a allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.... Read more

    Affected Products : nitrotech
    • EPSS Score: %1.24
    • Published: Dec. 05, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5393

    UPR-Kernel in Ubuntu Privacy Remix (UPR) before 8.04_r1 includes kernel support for mounting RAID arrays, which might allow remote attackers to bypass intended isolation mechanisms by (1) reading from or (2) writing to these arrays.... Read more

    Affected Products : unbuntu_privacy_remix
    • EPSS Score: %0.51
    • Published: Dec. 09, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5694

    PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than S... Read more

    Affected Products : sandbox
    • EPSS Score: %0.84
    • Published: Dec. 19, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5812

    Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 have unknown impact and attack vectors.... Read more

    Affected Products : spip
    • EPSS Score: %0.37
    • Published: Jan. 02, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0171

    The Sun SPARC Enterprise M4000 and M5000 Server, within a certain range of serial numbers, allows remote attackers to use the manufacturing root password, perform a root login to the eXtended System Control Facility Unit (aka XSCFU or Service Processor), ... Read more

    Affected Products : sparc_enterprise_server
    • EPSS Score: %0.84
    • Published: Jan. 16, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0617

    Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files.... Read more

    Affected Products : application_networking_manager
    • EPSS Score: %0.66
    • Published: Feb. 26, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6554

    cgi-bin/script in Aztech ADSL2/2+ 4-port router 3.7.0 build 070426 allows remote attackers to execute arbitrary commands via shell metacharacters in the query string.... Read more

    Affected Products : adsl2\/2\+4-port_router
    • EPSS Score: %3.22
    • Published: Mar. 30, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-1178

    Unspecified vulnerability in the server in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.2 and 6.x before 6.1 has unknown impact and attack vectors related to the "admin command line."... Read more

    Affected Products : tivoli_storage_manager
    • EPSS Score: %0.95
    • Published: Mar. 31, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-1443

    Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG before 1.02 have unknown impact and attack vectors.... Read more

    Affected Products : ocs_inventory_ng
    • EPSS Score: %2.68
    • Published: Apr. 27, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-1730

    Multiple directory traversal vulnerabilities in NetMechanica NetDecision TFTP Server 4.2 allow remote attackers to read or modify arbitrary files via directory traversal sequences in the (1) GET or (2) PUT command.... Read more

    Affected Products : netdecision_tftp_server
    • EPSS Score: %62.30
    • Published: May. 20, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-1473

    The (1) Windows and (2) Java client programs for the ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 do not properly use RSA cryptography for a symmetric session-key negotiation, which makes it easier fo... Read more

    • EPSS Score: %1.06
    • Published: May. 27, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2548

    Format string vulnerability in Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in... Read more

    Affected Products : arma arma_2
    • EPSS Score: %6.66
    • Published: Jul. 20, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-7010

    Skalfa Software SkaLinks Exchange Script 1.5 allows remote attackers to add new administrators and gain privileges via a direct request to admin/register.php.... Read more

    Affected Products : exchange_script
    • EPSS Score: %2.54
    • Published: Aug. 19, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-7126

    Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet with a large string length value to UDP port... Read more

    Affected Products : visibroker
    • EPSS Score: %11.39
    • Published: Aug. 31, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-7158

    Numara FootPrints 7.5a through 7.5a1 and 8.0 through 8.0a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) transcriptFile parameter to MRcgi/MRchat.pl or (2) LOADFILE parameter to MRcgi/MRABLoad2.pl. NOTE: some of... Read more

    Affected Products : footprints
    • EPSS Score: %4.54
    • Published: Sep. 02, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3091

    Unspecified vulnerability on the ASUS WL-330gE has unknown impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because th... Read more

    Affected Products : asus_wl-330ge
    • EPSS Score: %0.33
    • Published: Sep. 08, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3098

    Unspecified vulnerability in the Portal in HP Operations Dashboard 2.1 on Windows Server 2003 SP2 allows remote attackers to have an unknown impact, related to a "Remote exploit," as demonstrated by a certain module in VulnDisco Pack Professional 8.11. N... Read more

    • EPSS Score: %1.64
    • Published: Sep. 08, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 292516 Results