Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2008-4057

    Unspecified vulnerability in Objective Development Sharity 3 before 3.5 has unknown impact and attack vectors, related to a "serious security problem."... Read more

    Affected Products : sharity
    • EPSS Score: %0.38
    • Published: Sep. 11, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2017-14909

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a count value that is read from a file is not properly validated.... Read more

    Affected Products : android
    • EPSS Score: %0.11
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2012-2429

    The server in xArrow before 3.4.1 performs an invalid read operation, which allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : xarrow
    • EPSS Score: %3.03
    • Published: May. 25, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2559

    WellinTech KingHistorian 3.0 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer write) via a crafted packet to TCP port 5678.... Read more

    Affected Products : kinghistorian kingview
    • EPSS Score: %2.69
    • Published: Jul. 05, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-3455

    PHP remote file inclusion vulnerability in include/admin.php in JnSHosts PHP Hosting Directory 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the rd parameter.... Read more

    Affected Products : php_hosting_directory
    • EPSS Score: %1.30
    • Published: Aug. 04, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-1050

    Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to "converson of string encodings" and "inconsistencies in the handling of UTF8 sequences by the user interface."... Read more

    Affected Products : ida
    • EPSS Score: %0.52
    • Published: Feb. 21, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2017-16566

    On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not require authentication, which allows remote attackers to read or replace core system files including those used for authentication (such as passwd and shadow). This can be abused to tak... Read more

    • EPSS Score: %1.33
    • Published: Nov. 17, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2008-4779

    Stack-based buffer overflow in TUGzip 3.5.0.0 allows remote attackers to denial of service (crash) or execute arbitrary code via a long filename in a .zip file.... Read more

    Affected Products : tguzip
    • EPSS Score: %78.79
    • Published: Oct. 29, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2012-3258

    Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : operations_orchestration
    • EPSS Score: %29.12
    • Published: Sep. 19, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3263

    Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1465.... Read more

    Affected Products : sitescope
    • EPSS Score: %24.21
    • Published: Sep. 25, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-4502

    Multiple PHP remote file inclusion vulnerabilities in DataFeedFile (DFF) PHP Framework API allow remote attackers to execute arbitrary PHP code via a URL in the DFF_config[dir_include] parameter to (1) DFF_affiliate_client_API.php, (2) DFF_featured_prdt.f... Read more

    Affected Products : dff_framework_api
    • EPSS Score: %1.10
    • Published: Oct. 09, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4873

    board.cgi in Sepal SPBOARD 4.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter during a down_file action.... Read more

    Affected Products : spboard
    • EPSS Score: %4.99
    • Published: Nov. 01, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2012-3010

    rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code ... Read more

    • EPSS Score: %3.08
    • Published: Nov. 01, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-5090

    Electron Inc. Advanced Electron Forum before 1.0.7 allows remote attackers to execute arbitrary PHP code via PHP code embedded in bbcode in the email parameter, which is processed by the preg_replace function with the eval switch.... Read more

    Affected Products : advanced_electron_forum
    • EPSS Score: %11.20
    • Published: Nov. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5177

    Stack-based buffer overflow in the DtbClsLogin function in Yosemite Backup 8.7 allows remote attackers to (1) execute arbitrary code on a Linux platform, related to libytlindtb.so; or (2) cause a denial of service (application crash) and possibly execute ... Read more

    Affected Products : yosemite_backup
    • EPSS Score: %10.37
    • Published: Nov. 20, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5281

    Heap-based buffer overflow in Titan FTP Server 6.05 build 550 allows remote attackers to execute arbitrary code via a long DELE command.... Read more

    Affected Products : titan_ftp_server
    • EPSS Score: %5.50
    • Published: Nov. 29, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2012-3797

    Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, does not properly check packet sizes before reusing packet memory buffers, which allows remote attackers to cause a denial of service (heap memo... Read more

    Affected Products : pro-server_ex wingp_pc_runtime
    • EPSS Score: %49.20
    • Published: Jun. 25, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2017-18130

    In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 80... Read more

    • EPSS Score: %0.22
    • Published: Apr. 11, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-3026

    rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code ... Read more

    • EPSS Score: %3.08
    • Published: Nov. 01, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-5982

    Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message.... Read more

    Affected Products : patrol_agent
    • EPSS Score: %14.03
    • Published: Jan. 27, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 290957 Results