Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2020-25573

    An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint.... Read more

    Affected Products : linked-hash-map
    • EPSS Score: %0.60
    • Published: Sep. 14, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-16700

    The slub_events (aka SLUB: Event Registration) extension through 3.0.2 for TYPO3 allows uploading of arbitrary files to the webserver. For versions 1.2.2 and below, this results in Remote Code Execution. In versions later than 1.2.2, this can result in De... Read more

    Affected Products : slub_events
    • EPSS Score: %2.15
    • Published: Oct. 16, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2020-25784

    An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientGuard::SubOprMsg during incoming message handling... Read more

    Affected Products : 720p_firmware 720p
    • EPSS Score: %2.05
    • Published: Jan. 28, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-3821

    libmedia in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 has certain incorrect declarations, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer d... Read more

    Affected Products : android
    • EPSS Score: %1.40
    • Published: Aug. 05, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2019-16941

    NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns... Read more

    Affected Products : ghidra
    • EPSS Score: %22.86
    • Published: Sep. 28, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-5720

    includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the void_transaction.php filterType parameter.... Read more

    Affected Products : frontaccounting
    • EPSS Score: %0.28
    • Published: Jan. 08, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-20173

    A vulnerability was found in AlexRed contentmap. It has been rated as critical. Affected by this issue is the function Load of the file contentmap.php. The manipulation of the argument contentid leads to sql injection. The name of the patch is dd265d23ff4... Read more

    Affected Products : contentmap
    • EPSS Score: %0.04
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-17392

    Progress Sitefinity 12.1 has a Weak Password Recovery Mechanism for a Forgotten Password because the HTTP Host header is mishandled.... Read more

    Affected Products : sitefinity
    • EPSS Score: %0.48
    • Published: Nov. 26, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2020-26510

    Airleader Master <= 6.21 devices have default credentials that can be used to access the exposed Tomcat Manager for deployment of a new .war file, with resultant remote code execution.... Read more

    • EPSS Score: %1.14
    • Published: Nov. 16, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-17320

    NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted ... Read more

    Affected Products : xftp
    • EPSS Score: %1.03
    • Published: Oct. 10, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-5916

    Input validation issue in POWER EGG(Ver 2.0.1, Ver 2.02 Patch 3 and earlier, Ver 2.1 Patch 4 and earlier, Ver 2.2 Patch 7 and earlier, Ver 2.3 Patch 9 and earlier, Ver 2.4 Patch 13 and earlier, Ver 2.5 Patch 12 and earlier, Ver 2.6 Patch 8 and earlier, Ve... Read more

    Affected Products : power_egg
    • EPSS Score: %0.87
    • Published: Feb. 13, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-5945

    Cybozu Garoon 4.2.4 to 4.10.1 allow remote attackers to obtain the users' credential information via the authentication of Cybozu Garoon.... Read more

    Affected Products : garoon
    • EPSS Score: %0.84
    • Published: May. 17, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-18283

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can gain remote code execution by sending specifically... Read more

    Affected Products : sppa-t3000_application_server
    • EPSS Score: %11.46
    • Published: Dec. 12, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-42019

    A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM... Read more

    • EPSS Score: %0.56
    • Published: Mar. 08, 2022
    • Modified: Aug. 12, 2025

  • 9.8

    CRITICAL
    CVE-2019-6327

    HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an IPP Parser potentially vulnerable to Buffer Overflow.... Read more

    • EPSS Score: %0.82
    • Published: Jun. 17, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-18344

    Sourcecodester Online Grading System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the student, instructor, department, room, class, or user page (id or classid parameter).... Read more

    Affected Products : online_grading_system
    • EPSS Score: %0.62
    • Published: Oct. 23, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-18960

    Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes.... Read more

    Affected Products : firecracker
    • EPSS Score: %1.80
    • Published: Dec. 11, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2020-27998

    An issue was discovered in FastReport before 2020.4.0. It lacks a ScriptSecurity feature and therefore may mishandle (for example) GetType, typeof, TypeOf, DllImport, LoadLibrary, and GetProcAddress.... Read more

    Affected Products : fastreport
    • EPSS Score: %0.55
    • Published: Oct. 29, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2020-28102

    cscms v4.1 allows for SQL injection via the "js_del" function.... Read more

    Affected Products : cscms
    • EPSS Score: %0.26
    • Published: Jan. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2020-28371

    An issue was discovered in ReadyTalk Avian 1.2.0 before 2020-10-27. The FileOutputStream.write() method in FileOutputStream.java has a boundary check to prevent out-of-bounds memory read/write operations. However, an integer overflow leads to bypassing th... Read more

    Affected Products : avian
    • EPSS Score: %0.43
    • Published: Nov. 09, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291138 Results