Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, by whether it is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2020-11153

    Out of bound memory access while processing GATT data received due to lack of check of pdu data length and leads to remote code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Sna...

    • EPSS Score: 3.83%
    • Published: Nov. 02, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2022-31161

    Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py...

    Affected Products : roxy-wi
    • EPSS Score: 78.01%
    • Published: Jul. 15, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-15430

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_list_accounts.php. Whe...

    Affected Products : webpanel
    • EPSS Score: 2.07%
    • Published: Jul. 28, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-11176

    While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer...

    • EPSS Score: 0.22%
    • Published: Jun. 09, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-3633

    Array out of bound may occur while playing mp3 file as no check is there on offset if it is greater than the buffer allocated or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon ...

    • EPSS Score: 0.33%
    • Published: Jun. 02, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-11193

    Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapd...

    • EPSS Score: 0.40%
    • Published: Nov. 12, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-11692

    An issue was discovered on Canon LBP6650, LBP3370, LBP3460, and LBP7750C devices. It is possible to bypass the Administrator Mode authentication for /tlogin.cgi via vectors involving frame.cgi?page=DevStatus. NOTE: the vendor reportedly responded that thi...

    • EPSS Score: 3.84%
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2019-1372

    A remote code execution vulnerability exists when Azure App Service/Antares on Azure Stack fails to check the length of a buffer prior to copying memory to it. An attacker who successfully exploited this vulnerability could allow an unprivileged function...

    Affected Products : azure_app_service_on_azure_stack
    • EPSS Score: 4.43%
    • Published: Oct. 10, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2010-0418

    The web interface in chumby one before 1.0.4 and chumby classic before 1.7.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a request....

    Affected Products : chumby_one chumby_classic
    • EPSS Score: 2.85%
    • Published: Mar. 10, 2010
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2009-4988

    Stack-based buffer overflow in NT_Naming_Service.exe in SAP Business One 2005 A 6.80.123 and 6.80.320 allows remote attackers to execute arbitrary code via a long GIOP request to TCP port 30000....

    Affected Products : business_one_2005-a
    • EPSS Score: 80.84%
    • Published: Aug. 25, 2010
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2021-25140

    A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. The HPE Moonshot Provisioning Manager is an application that is installed in a VMWare or Microsoft Hyper-V environment that is used to setup and configu...

    Affected Products : moonshot_provisioning_manager
    • EPSS Score: 5.60%
    • Published: Feb. 09, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-3188

    phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports....

    Affected Products : phplist
    • EPSS Score: 0.42%
    • Published: Jan. 26, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2011-1653

    Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the (1) UnAssignFunctionalRoles, (2) UnassignAdminRol...

    Affected Products : total_defense total_defense
    • EPSS Score: 74.06%
    • Published: Apr. 18, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2021-40859

    Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow attackers with access to the web based management application full administrative access to the device....

    • EPSS Score: 83.23%
    • Published: Dec. 07, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-9409

    The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an unauthenticated ...

    • EPSS Score: 2.83%
    • Published: May. 20, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-11953

    While processing ssid IE length from remote AP, possible out-of-bounds access may occur due to crafted ssid IE length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Sna...

    • EPSS Score: 0.27%
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2014-4501

    Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the (1) extract_sockaddr or (2) par...

    Affected Products : bfgminer cgminer sgminer
    • EPSS Score: 0.22%
    • Published: Jul. 23, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2022-27175

    Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in GetCalcTagList. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system comma...

    Affected Products : diaenergie
    • EPSS Score: 0.22%
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-45495

    NETGEAR D7000 devices before 1.0.1.68 are affected by authentication bypass....

    Affected Products : d7000_firmware d7000
    • EPSS Score: 0.31%
    • Published: Dec. 26, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-3675

    Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IO...

    • EPSS Score: 0.37%
    • Published: Sep. 08, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 290957 Results