Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2006-6918

    Unspecified vulnerability in the Admin login for Georgian discussion board (GeoBB) before 1.0 has unknown impact and attack vectors.... Read more

    Affected Products : geobb
    • EPSS Score: %0.39
    • Published: Jan. 11, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0841

    Multiple unspecified vulnerabilities in vbDrupal before 4.7.6.0 have unknown impact and remote attack vectors. NOTE: the vector related to Drupal is covered by CVE-2007-0626. These vulnerabilities might be associated with other CVE identifiers.... Read more

    Affected Products : vbdrupal
    • EPSS Score: %0.38
    • Published: Feb. 08, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0903

    Unspecified vulnerability in the mod_roster_odbc module in ejabberd before 1.1.3 has unknown impact and attack vectors.... Read more

    Affected Products : ejabberd
    • EPSS Score: %0.71
    • Published: Feb. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0915

    Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request.... Read more

    Affected Products : hp-ux
    • EPSS Score: %3.14
    • Published: Feb. 14, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0954

    MOHA Chat 0.1b7 and earlier does not require authentication for use of the plug in API, which has unknown impact and attack vectors.... Read more

    Affected Products : moha_chat
    • EPSS Score: %0.36
    • Published: Feb. 15, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-7012

    scart.cgi in SCart 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter of a show_text action.... Read more

    Affected Products : scart
    • EPSS Score: %6.91
    • Published: Feb. 15, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0976

    Buffer overflow in the ActSoft DVD-Tools ActiveX control (dvdtools.ocx) allows remote attackers to execute arbitrary code via a long DVD_TOOLS.OpenDVD property value.... Read more

    Affected Products : actsoft_dvd_tools
    • EPSS Score: %20.74
    • Published: Feb. 16, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1013

    PHP remote file inclusion vulnerability in generate.php in VirtualSystem Htaccess Passwort Generator 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the ht_pfad parameter.... Read more

    Affected Products : htaccess_passwort_generator
    • EPSS Score: %5.70
    • Published: Feb. 21, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1024

    PHP remote file inclusion vulnerability in include.php in Meganoide's news 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter.... Read more

    Affected Products : meganoides_news
    • EPSS Score: %2.49
    • Published: Feb. 21, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1045

    mAlbum 0.3 has default accounts (1) "login"/"pass" for its administrative account and (2) "dqsfg"/"sdfg", which allows remote attackers to gain privileges.... Read more

    Affected Products : malbum
    • EPSS Score: %1.35
    • Published: Feb. 21, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1053

    Multiple PHP remote file inclusion vulnerabilities in phpXmms 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the tcmdp parameter to (1) phpxmmsb.php or (2) phpxmmst.php. NOTE: this issue has been disputed by a reliable third party,... Read more

    Affected Products : phpxmms
    • EPSS Score: %0.99
    • Published: Feb. 21, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1062

    The Cisco Unified IP Conference Station 7935 3.2(15) and earlier, and Station 7936 3.3(12) and earlier does not properly handle administrator HTTP sessions, which allows remote attackers to bypass authentication controls via a direct URL request to the ad... Read more

    • EPSS Score: %4.14
    • Published: Feb. 22, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1073

    Static code injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary PHP code via the bgcolor parameter, which is inserted into mcrconf.inc.php.... Read more

    Affected Products : mcrefer
    • EPSS Score: %0.98
    • Published: Feb. 22, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-7032

    PHP remote file inclusion vulnerability in phpbb/getmsg.php in FlashBB 1.1.5 and earlier allows remote attackers to execute arbitrary code via a URL in the phpbb_root_path parameter.... Read more

    Affected Products : flashbb
    • EPSS Score: %9.19
    • Published: Feb. 23, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-7036

    PHP remote file inclusion vulnerability in register.php for Andys Chat 4.5 allows remote attackers to execute arbitrary code via the action parameter. NOTE: this issue was announced by an unreliable researcher, but the vendor is no longer distributing th... Read more

    Affected Products : andys_chat
    • EPSS Score: %3.42
    • Published: Feb. 23, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1097

    Unrestricted file upload vulnerability in the onAttachFiles function in the upload tool (inc/lib/attachment.lib.php) in Wiclear before 0.11.1 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to filename vali... Read more

    Affected Products : wiclear
    • EPSS Score: %0.78
    • Published: Feb. 26, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-7095

    Integer signedness error in the network_receive_packet function in socket.c in dimension 3 engine (dim3) 1.5 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large data_len valu... Read more

    Affected Products : dim3
    • EPSS Score: %2.54
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-7097

    Multiple unspecified vulnerabilities in TaskFreak! before 0.1.4 have unknown impact and attack vectors.... Read more

    Affected Products : taskfreak
    • EPSS Score: %0.34
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1134

    Unspecified vulnerability in Watchtower (WT) before 0.12 has unknown impact and attack vectors, related to "unauthorized accounts."... Read more

    Affected Products : watchtower
    • EPSS Score: %0.36
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-3892

    The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands.... Read more

    Affected Products : networker
    • EPSS Score: %9.45
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 292247 Results