Latest CVE Feed
-
9.8
CRITICALCVE-2013-7426
Insecure Temporary file vulnerability in /tmp/kamailio_fifo in kamailio 4.0.1.... Read more
Affected Products : kamailio- EPSS Score: %1.40
- Published: Aug. 29, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2023-34152
A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.... Read more
- EPSS Score: %68.92
- Published: May. 30, 2023
- Modified: Jan. 13, 2025
-
9.8
CRITICALCVE-2020-28018
Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.... Read more
Affected Products : exim- EPSS Score: %63.68
- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2023-36028
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 windows_11_22h2 windows_10_1507 +4 more products- EPSS Score: %0.54
- Published: Nov. 14, 2023
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2018-20020
LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution... Read more
- EPSS Score: %16.83
- Published: Dec. 19, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2020-27847
A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature Validation. This flaw allows an attacker to bypass SAML authentication. The highest threat from this vulnerability is to confidentiality, inte... Read more
Affected Products : dex- EPSS Score: %0.76
- Published: May. 28, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2013-7285
Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. ... Read more
- EPSS Score: %15.05
- Published: May. 15, 2019
- Modified: May. 23, 2025
-
9.8
CRITICALCVE-2023-37285
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.... Read more
- EPSS Score: %0.39
- Published: Jul. 28, 2023
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2023-3824
In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or R... Read more
- EPSS Score: %34.75
- Published: Aug. 11, 2023
- Modified: Feb. 13, 2025
-
9.8
CRITICALCVE-2019-5482
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.... Read more
Affected Products : fedora debian_linux leap curl cloud_backup oncommand_insight oncommand_unified_manager oncommand_workflow_automation snapcenter steelstore_cloud_integrated_storage +7 more products- EPSS Score: %10.79
- Published: Sep. 16, 2019
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2024-26304
There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (821... Read more
Affected Products : arubaos- Published: May. 01, 2024
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2023-40400
This issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. A remote user may cause an unexpected app termination or arbitrary code execution.... Read more
- EPSS Score: %1.68
- Published: Sep. 27, 2023
- Modified: May. 05, 2025
-
9.8
CRITICALCVE-2023-40889
A heap-based buffer overflow exists in the qr_reader_match_centers function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the ... Read more
Affected Products : zbar- EPSS Score: %0.62
- Published: Aug. 29, 2023
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2023-21692
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_10_22h2 windows_server_2022 +7 more products- EPSS Score: %32.58
- Published: Feb. 14, 2023
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2024-26305
There is a buffer overflow vulnerability in the underlying Utility daemon that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Succes... Read more
Affected Products : arubaos- Published: May. 01, 2024
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2023-21690
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_10_22h2 windows_server_2022 +6 more products- EPSS Score: %22.73
- Published: Feb. 14, 2023
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-22767
A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet.This CVE ID is un... Read more
Affected Products : powerlogic_egx100_firmware powerlogic_egx300_firmware powerlogic_egx100 powerlogic_egx300- EPSS Score: %0.59
- Published: Jun. 11, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-7785
A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.... Read more
- EPSS Score: %10.90
- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICAL- EPSS Score: %0.54
- Published: Nov. 15, 2019
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-7828
A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox < 57,... Read more
- EPSS Score: %34.67
- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024