Latest CVE Feed

The following is the list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2006-6584

    Multiple buffer overflows in italkplus (Italk+) before 0.92.1 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors....

    Affected Products : italkplus
    • EPSS Score: 3.17%
    • Published: Dec. 15, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6627

    Integer overflow in the packed PE file parsing implementation in BitDefender products before 20060829, including Antivirus, Antivirus Plus, Internet Security, Mail Protection for Enterprises, and Online Scanner; and BitDefender products for Microsoft ISA ...

    • EPSS Score: 9.86%
    • Published: Dec. 18, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6859

    SQL injection vulnerability in coupon_detail.asp in Website Designs For Less Click N' Print Coupons 2005.01 and earlier allows remote attackers to execute arbitrary SQL commands via the key parameter....

    Affected Products : click_n_print_coupons
    • EPSS Score: 1.17%
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6863

    PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Bridge allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. NOTE: CVE disputes this issue, since $boarddir is set to a f...

    Affected Products : wordpress_bridge
    • EPSS Score: 5.84%
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6864

    PHP remote file inclusion vulnerability in E2_header.inc.php in Enigma2 Coppermine Bridge 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter....

    Affected Products : coppermine_bridge
    • EPSS Score: 3.10%
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6902

    Unspecified vulnerability in the Bluetooth stack in Microsoft Windows Mobile Pocket PC edition allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors....

    • EPSS Score: 30.58%
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6908

    Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack, as packaged as Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcomm Bluetooth Communication Software 1.4.1.03 on Windows,...

    • EPSS Score: 35.62%
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6853

    Buffer overflow in Durian Web Application Server 3.02 freeware on Windows allows remote attackers to execute arbitrary code via a long string in a crafted packet to TCP port 4002....

    Affected Products : durian_web_application_server
    • EPSS Score: 18.52%
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-0057

    Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared secret and allows remote attackers to gain u...

    • EPSS Score: 3.12%
    • Published: Jan. 04, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-0117

    DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permissi...

    Affected Products : mac_os_x mac_os_x_server mac_os_x
    • EPSS Score: 7.05%
    • Published: Jan. 09, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-0203

    Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors....

    Affected Products : phpmyadmin
    • EPSS Score: 0.74%
    • Published: Jan. 11, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6901

    Unspecified vulnerability in the Bluetooth stack in Microsoft Windows allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors....

    • EPSS Score: 30.58%
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-0261

    snews.php in sNews 1.5.30 and earlier does not properly exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, as demonstrated by changing an administrative password via the changeup task, and by uplo...

    Affected Products : snews snews
    • EPSS Score: 7.02%
    • Published: Jan. 16, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6940

    Buffer overflow in the ParseHeader function in clsOWA.cls in POP3/SMTP to OWA (pop2owa) 1.1.3 allows remote attackers to execute arbitrary code via a long header in an e-mail message....

    Affected Products : owa
    • EPSS Score: 5.12%
    • Published: Jan. 17, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-0386

    Unspecified vulnerability in the rating section in PostNuke 0.764 has unknown impact and attack vectors, related to "an interesting bug."...

    Affected Products : postnuke
    • EPSS Score: 0.33%
    • Published: Jan. 19, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-0495

    PHP remote file inclusion vulnerability in include/config.inc.php in PhpSherpa allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter....

    Affected Products : phpsherpa
    • EPSS Score: 1.80%
    • Published: Jan. 25, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-0504

    Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and possibly other scripts, allows remote attackers to execute arbitrary code via the poll_id parameter, which is supplied to an eval function call, a different vulnerability type than CVE-2...

    Affected Products : vote_pro
    • EPSS Score: 5.79%
    • Published: Jan. 26, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-0466

    Telestream Flip4Mac Windows Media Components for Quicktime 2.1.0.33 allows remote attackers to execute arbitrary code via a crafted ASF_File_Properties_Object size field in a WMV file, which triggers memory corruption....

    • EPSS Score: 21.57%
    • Published: Jan. 31, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-0640

    Buffer overflow in ZABBIX before 1.1.5 has unknown impact and attack vectors related to "SNMP IP addresses."...

    Affected Products : zabbix
    • EPSS Score: 0.89%
    • Published: Jan. 31, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-0417

    BEA WebLogic Server 7.0 through 7.0 SP7, 8.1 through 8.1 SP5, 9.0, and 9.1, when using the WebLogic Server 6.1 compatibility realm, allows attackers to execute certain EJB container persistence operations with an administrative identity....

    Affected Products : weblogic_server
    • EPSS Score: 0.78%
    • Published: Jan. 23, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 292199 Results