Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2019-20530

    An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), P(9.0), and Q(10.0) software. Arbitrary code execution is possible on the lock screen. The Samsung ID is SVE-2019-15266 (December 2019).... Read more

    Affected Products : android
    • EPSS Score: %0.07
    • Published: Mar. 24, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-0300

    A vulnerability was found in Byzoro Smart S150 Management Platform up to 20240101. It has been rated as critical. Affected by this issue is some unknown functionality of the file /useratte/userattestation.php of the component HTTP POST Request Handler. Th... Read more

    Affected Products : smart_s150_firmware smart_s150
    • EPSS Score: %0.93
    • Published: Jan. 08, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-4639

    A vulnerability, which was classified as critical, has been found in sslh. This issue affects the function hexdump of the file probe.c of the component Packet Dumping Handler. The manipulation of the argument msg_info leads to format string. The attack ma... Read more

    Affected Products : sslh
    • EPSS Score: %0.11
    • Published: Dec. 21, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-45145

    egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file.... Read more

    Affected Products : chicken
    • EPSS Score: %0.20
    • Published: Dec. 10, 2022
    • Modified: Apr. 23, 2025

  • 9.8

    CRITICAL
    CVE-2024-0299

    A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been declared as critical. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to os co... Read more

    Affected Products : n200re_firmware n200re
    • EPSS Score: %1.54
    • Published: Jan. 08, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-0297

    A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. This issue affects the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to os command injection. Th... Read more

    Affected Products : n200re_firmware n200re
    • EPSS Score: %1.14
    • Published: Jan. 08, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-0321

    Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.... Read more

    Affected Products : gpac
    • EPSS Score: %0.07
    • Published: Jan. 08, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-20504

    service/krashrpt.php in Quest KACE K1000 Systems Management Appliance before 6.4 SP3 (6.4.120822) allows a remote attacker to execute code via shell metacharacters in the kuid parameter.... Read more

    • EPSS Score: %47.18
    • Published: Mar. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-45423

    A Buffer Overflow vulnerabilityexists in Pev 0.81 via the pe_exports function from exports.c.. The array offsets_to_Names is dynamically allocated on the stack using exp->NumberOfFunctions as its size. However, the loop uses exp->NumberOfNames to iterate ... Read more

    Affected Products : pev
    • EPSS Score: %0.41
    • Published: Mar. 13, 2023
    • Modified: Mar. 03, 2025

  • 9.8

    CRITICAL
    CVE-2021-44496

    An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structure... Read more

    Affected Products : gt.m
    • EPSS Score: %1.16
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-10589

    The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the import_settings() function in all versions up to, and including, 3... Read more

    Affected Products :
    • Published: Nov. 09, 2024
    • Modified: Nov. 12, 2024

  • 9.8

    CRITICAL
    CVE-2021-41736

    Faust v2.35.0 was discovered to contain a heap-buffer overflow in the function realPropagate() at propagate.cpp.... Read more

    Affected Products : faust
    • EPSS Score: %0.30
    • Published: Mar. 22, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-0204

    Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.... Read more

    Affected Products : goanywhere_managed_file_transfer
    • EPSS Score: %93.33
    • Published: Jan. 22, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-33027

    Sylabs Singularity Enterprise through 1.6.2 has Insufficient Entropy in a nonce.... Read more

    Affected Products : singularity
    • EPSS Score: %0.61
    • Published: Jul. 19, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-0471

    A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin_route/dec_service_credits.php. The manipulation of the argument date leads to sql... Read more

    • EPSS Score: %0.05
    • Published: Jan. 12, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2020-28282

    Prototype pollution vulnerability in 'getobject' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution.... Read more

    Affected Products : getobject
    • EPSS Score: %1.98
    • Published: Dec. 29, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2020-22452

    SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php.... Read more

    Affected Products : phpmyadmin
    • EPSS Score: %2.87
    • Published: Jan. 26, 2023
    • Modified: Apr. 01, 2025

  • 9.8

    CRITICAL
    CVE-2019-8427

    daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters.... Read more

    Affected Products : zoneminder
    • EPSS Score: %3.00
    • Published: Feb. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-19636

    An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_encode_body at tosixel.c.... Read more

    Affected Products : libsixel
    • EPSS Score: %0.42
    • Published: Dec. 08, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-13952

    The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data.... Read more

    Affected Products : gdnsd
    • EPSS Score: %0.40
    • Published: Jul. 18, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292719 Results