Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

9.8

CRITICAL

CVE-2016-8512

A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found....

Affected Products : performance_center loadrunner
Published: Feb. 15, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2020-16226

Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands....

Affected Products : q03udecpu_firmware q06ccpu-v_firmware l26cpu-$p$bt_firmware fx5uc-32mt\/d_firmware fx5uc-32mt\/dss_firmware fx5uc-32mt\/ds-ts_firmware fx5uc-32mt\/dss-ts_firmware fx5uc-32mr\/ds-ts_firmware fx5uj-24mt\/es_firmware fx5uj-40mt\/es_firmware +176 more products
Published: Oct. 05, 2020

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2016-9366

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series ...

Affected Products : nport_5110_firmware nport_5100_series_firmware nport_5200_series_firmware nport_5400_series_firmware nport_5600_series_firmware nport_5100a_series_firmware nport_p5150a_series_firmware nport_5200a_series_firmware nport_5x50a1-m12_series_firmware nport_5600-8-dtl_series_firmware +42 more products
Published: Feb. 13, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2016-9849

An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9...

Affected Products : phpmyadmin
Published: Dec. 11, 2016

Modified: Apr. 12, 2025
9.8

CRITICAL

CVE-2020-16137

A privilege escalation issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to reset the credentials for the SSH administrative console to arbitrary values. Note: We cannot prove this vulnerability exists. Out of an ...

Affected Products : unified_ip_conference_station_7937g_firmware unified_ip_conference_station_7937g
Published: Aug. 12, 2020

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2020-16098

It is possible to enumerate access card credentials via an unauthenticated network connection to the server in versions of Command Centre v8.20 prior to v8.20.1166(MR3), versions of 8.10 prior to v8.10.1211(MR5), versions of 8.00 prior to v8.00.1228(MR6),...

Affected Products : command_centre
Published: Sep. 15, 2020

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2012-1622

Apache OFBiz 10.04.x before 10.04.02 allows remote attackers to execute arbitrary code via unspecified vectors....

Affected Products : ofbiz
Published: Oct. 26, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-0899

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences....

Affected Products : debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_eus enterprise_linux_server_tus rubygems bundler
Published: Aug. 31, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2014-9852

distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors....

Affected Products : leap imagemagick opensuse linux_enterprise_server linux_enterprise_desktop linux_enterprise_software_development_kit linux_enterprise_workstation_extension
Published: Mar. 17, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-10984

An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code....

Affected Products : freeradius
Published: Jul. 17, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-11139

GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c....

Affected Products : debian_linux graphicsmagick
Published: Jul. 10, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-12065

spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter....

Affected Products : cacti
Published: Aug. 01, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2015-7705

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests....

Affected Products : data_ontap oncommand_performance_manager oncommand_unified_manager ntp xenserver clustered_data_ontap simatic_cp_443-1_opc_ua_firmware tim_4r-ie_firmware tim_4r-ie_dnp3_firmware tim_4r-ie +1 more products
Published: Aug. 07, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2011-1517

SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash....

Affected Products : netweaver
Published: Feb. 05, 2020

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2017-12987

The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements()....

Affected Products : debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_server_aus tcpdump
Published: Sep. 14, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-13012

The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print()....

Affected Products : tcpdump
Published: Sep. 14, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-13046

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print()....

Affected Products : tcpdump
Published: Sep. 14, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-13687

The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print()....

Affected Products : debian_linux tcpdump
Published: Sep. 14, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-13889

In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a logic error existed in the validation of credentials. This was addressed with improved credential validation....

Affected Products : mac_os_x mac_os_x
Published: Jan. 11, 2019

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2011-1460

WebKit in Google Chrome before Blink M11 contains a bad cast to RenderBlock when anonymous blocks are renderblocks....

Affected Products : chrome blink
Published: Nov. 05, 2019

Modified: Nov. 21, 2024

Showing 20 of 293352 Results

1
...
1462
1463
1464
1465
1466
1467
1468
...
14668

Browse by Apps

Latest CVE Feed

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable