Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2007-0980

    Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obt... Read more

    • Published: Feb. 16, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2010-2261

    Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) data2 and (2) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi.... Read more

    Affected Products : wap54gv3
    • Published: Jun. 10, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2006-5912

    Unspecified vulnerability in Campware Campsite before 2.6.2 has unknown impact and attack vectors, related to a "Security fix for you-know-what," possibly related to encrypted passwords.... Read more

    Affected Products : campsite
    • Published: Nov. 15, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2023-51419

    Unrestricted Upload of File with Dangerous Type vulnerability in Bertha.Ai BERTHA AI. Your AI co-pilot for WordPress and Chrome.This issue affects BERTHA AI. Your AI co-pilot for WordPress and Chrome: from n/a through 1.11.10.7. ... Read more

    Affected Products : bertha_ai
    • Published: Dec. 29, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-0915

    The GPU process in Google Chrome OS before 25.0.1364.173 allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an "overflow."... Read more

    Affected Products : chrome chrome_os
    • Published: Mar. 18, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-2361

    Winny 2.0b7.1 and earlier does not properly process BBS information, which has unspecified impact and remote attack vectors that might lead to use of the product's host for DDoS attacks.... Read more

    Affected Products : winny
    • Published: Aug. 25, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-14268

    A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote attacker to crash the client or inject code ... Read more

    Affected Products : notes
    • Published: Dec. 14, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-7233

    GE Healthcare Precision THUNIS-800+ has a default password of (1) 1973 for the factory default System Utilities menu, (2) TH8740 for installation using TH8740_122_Setup.exe, (3) hrml for "Setup and Activation" using DSASetup, and (4) an empty string for S... Read more

    Affected Products : precision_thunis-800\+
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2017-16523

    MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices have a zyad1234 password for the zyad1234 account, which is equivalent to root and undocumented.... Read more

    • Published: Nov. 03, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-0546

    EMC Unified Infrastructure Manager/Provisioning (UIM/P) 4.1 allows remote attackers to bypass LDAP authentication by providing a valid account name.... Read more

    • Published: Jun. 17, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2009-3092

    Buffer overflow on the ASUS WL-500W wireless router has unknown impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, becau... Read more

    Affected Products : asus_wl-500w
    • Published: Sep. 08, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-7198

    Multiple unspecified vulnerabilities in phpns before 2.1.1beta1 have unknown impact and attack vectors.... Read more

    Affected Products : phpns
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2016-5788

    General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via unspecified vectors.... Read more

    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2022-26666

    Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerECC.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.... Read more

    Affected Products : diaenergie
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-2294

    Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdr... Read more

    • Published: Sep. 30, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-7868

    A remote code execution vulnerability exists in helpUS(remote administration tool) due to improper validation of parameter of ShellExecutionExA function used for login.... Read more

    Affected Products : windows helpu
    • Published: Jun. 29, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-5197

    Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to "error checking of system calls."... Read more

    Affected Products : condor
    • Published: Sep. 28, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-3829

    Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via ... Read more

    Affected Products : android
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2018-7124

    A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.... Read more

    Affected Products : intelligent_management_center
    • Published: Jun. 05, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-0029

    Cisco Application Velocity System (AVS) before 5.1.0 is installed with default passwords for some system accounts, which allows remote attackers to gain privileges.... Read more

    • Published: Jan. 23, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 293344 Results