Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2021-35104

    Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearabl... Read more

    • EPSS Score: %0.70
    • Published: Jun. 14, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-30910

    H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO parameter at /goform/aspForm.... Read more

    Affected Products : magic_r100_firmware magic_r100
    • EPSS Score: %0.39
    • Published: Jun. 08, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-30913

    H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the ipqos_set_bandwidth parameter at /goform/aspForm.... Read more

    Affected Products : magic_r100_firmware magic_r100
    • EPSS Score: %0.39
    • Published: Jun. 08, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-1235

    Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the... Read more

    • EPSS Score: %56.44
    • Published: May. 29, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-9245

    The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system.... Read more

    Affected Products : ipecs_nms
    • EPSS Score: %13.06
    • Published: Apr. 22, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-2933

    Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.... Read more

    Affected Products : cloudportal_services_manager
    • EPSS Score: %0.42
    • Published: Sep. 12, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2937

    Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, related to debugging messages, a different vulnerability than other CVEs listed in CTX137162.... Read more

    Affected Products : cloudportal_services_manager
    • EPSS Score: %0.42
    • Published: Sep. 12, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-7263

    Linear eMerge E3-Series devices have a Version Control Failure.... Read more

    • EPSS Score: %0.40
    • Published: Jul. 02, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-9796

    Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs interfaces, which can be queried using the GIOP protocol on TCP port 30024. An attacker can bypass authentication, and OmniVista invokes methods (AddJobSet, AddJob, and ExecuteNow) that ... Read more

    • EPSS Score: %23.67
    • Published: Dec. 03, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2018-9583

    In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the bluetooth se... Read more

    Affected Products : android
    • EPSS Score: %0.98
    • Published: Feb. 11, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-4050

    Multiple unspecified vulnerabilities in Google Chrome OS before 21.0.1180.50 on the Cr-48 and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, have unknown impact and attack vectors.... Read more

    • EPSS Score: %0.16
    • Published: Jul. 24, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-2833

    admin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and ... Read more

    Affected Products : le.cms
    • EPSS Score: %3.61
    • Published: Jun. 24, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2017-15295

    Xpress Server in SAP POS does not require authentication for read/write/delete file access. This is SAP Security Note 2520064.... Read more

    Affected Products : point_of_sale_xpress_server
    • EPSS Score: %0.52
    • Published: Oct. 16, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    CRITICAL
    CVE-2013-3542

    Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account "!#/" with the same password, which makes it eas... Read more

    • EPSS Score: %3.24
    • Published: Dec. 11, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-1383

    Unspecified vulnerability in the NetEase Reader (com.netease.pris) application 1.1.2 and 1.2.0 for Android has unknown impact and attack vectors.... Read more

    Affected Products : android netease_reader
    • EPSS Score: %0.33
    • Published: Mar. 07, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2022-29592

    Tenda TX9 Pro 22.03.02.10 devices allow OS command injection via set_route (called by doSystemCmd_route).... Read more

    Affected Products : tx9_pro_firmware tx9_pro
    • EPSS Score: %19.87
    • Published: May. 05, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-6894

    Multiple unspecified vulnerabilities in SPINE before 1.2 have unknown impact and attack vectors, related to (1) "Placeholders in database handler" and (2) "Macro admin security."... Read more

    Affected Products : spine
    • EPSS Score: %0.34
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-6903

    Unspecified vulnerability in the Toshiba Bluetooth stack allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors.... Read more

    Affected Products : bluetooth
    • EPSS Score: %0.79
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2023-20238

    A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affe... Read more

    • EPSS Score: %30.71
    • Published: Sep. 06, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-5655

    TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers.... Read more

    • EPSS Score: %17.81
    • Published: Jan. 16, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 290955 Results