Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2008-0824

    Unspecified vulnerability in the php2phps function in Claroline before 1.8.9 has unknown impact and attack vectors.... Read more

    Affected Products : caroline
    • Published: Feb. 19, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1465

    Stack-based buffer overflow in dproxy.c for dproxy 0.1 through 0.5 allows remote attackers to execute arbitrary code via a long DNS query packet to UDP port 53.... Read more

    Affected Products : dproxy
    • Published: Mar. 24, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2004-0002

    The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets wit... Read more

    Affected Products : freebsd
    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2024-2086

    The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due t... Read more

    Affected Products :
    • Published: Mar. 30, 2024
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2000-0895

    Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long GET request.... Read more

    Affected Products : soho_firewall
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-2371

    admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier provides access to configuration modification before login, which allows remote attackers to cause a denial of service (loss of configuration data), and possibly perform direct sta... Read more

    Affected Products : phpmynewsletter
    • Published: Apr. 30, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0270

    Stack-based buffer overflow in PXEService.exe in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to execute arbitrary code via a large PXE protocol request in a UDP packet.... Read more

    Affected Products : systemcastwizard_lite
    • Published: Jan. 26, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2001-0277

    Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request.... Read more

    Affected Products : badblue
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-17064

    An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/sylogapply route. This could lead to command injection via the syslogIp parameter af... Read more

    Affected Products : dir-816_a2_firmware dir-816_a2
    • Published: Sep. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-17067

    An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address.... Read more

    Affected Products : dir-816_a2_firmware dir-816_a2
    • Published: Sep. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2003-0968

    Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute.... Read more

    Affected Products : freeradius
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2022-31125

    Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to bypass authentication and access admin functionality by sending a specially crafted... Read more

    Affected Products : roxy-wi
    • Published: Jul. 06, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-2639

    Directory traversal vulnerability in TFTPdWin 0.4.2 allows remote attackers to read or modify arbitrary files outside the TFTP root via unspecified vectors.... Read more

    Affected Products : tftp_server_tftpdwin
    • Published: May. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2010-4597

    Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to execute arbitrary code via a long string in the second a... Read more

    Affected Products : integraxor
    • Published: Dec. 23, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2833

    Use-after-free vulnerability in the O3D plug-in in Google Chrome OS before 26.0.1410.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper management of ownership relationships in... Read more

    Affected Products : chrome chrome_os
    • Published: Apr. 16, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2018-1722

    IBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0 could allow remote code execution when Advanced Access Control or Federation services are running. IBM X-Force ID: 147370.... Read more

    Affected Products : security_access_manager
    • Published: Aug. 24, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-9036

    In all Qualcomm products with Android releases from CAF using the Linux kernel, an incorrect length is used to clear a memory buffer resulting in adjacent memory getting corrupted.... Read more

    Affected Products : android
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-9037

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read may occur in the processing of a downlink 3G NAS message.... Read more

    Affected Products : android
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2004-1760

    The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.... Read more

    • Published: Jan. 21, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2015-9147

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, SD 400, and SD 800, userspace-provided pointer arguments are not validated.... Read more

    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293280 Results