Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    CRITICAL
    CVE-2018-10718

    Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to execute arbitrary code via crafted packets.... Read more

    Affected Products : call_of_duty_modern_warfare_2
    • EPSS Score: %52.22
    • Published: May. 03, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-1361

    dig.php in GScripts.net DNS Tools allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.... Read more

    Affected Products : dns_tools
    • EPSS Score: %2.84
    • Published: Apr. 22, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2010-3040

    Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent Contact Manager (ICM) before 7.0 allow remote attackers to execute arbitrary code via a long parameter in a (1) HandleUpgradeAll, (2) AgentUpgrade, (3) HandleQueryNod... Read more

    Affected Products : intelligent_contact_manager
    • EPSS Score: %25.56
    • Published: Nov. 09, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-11241

    An issue was discovered on SoftCase T-Router build 20112017 devices. A remote attacker can read and write to arbitrary files on the system as root, as demonstrated by code execution after writing to a crontab file. This is fixed in production builds as of... Read more

    Affected Products : t-router_firmware t-router
    • EPSS Score: %3.61
    • Published: Sep. 21, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-2345

    Unspecified vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering."... Read more

    Affected Products : air_filemanager
    • EPSS Score: %0.86
    • Published: May. 19, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-2366

    Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors, aka ZDI-CAN-1802.... Read more

    • EPSS Score: %9.92
    • Published: Oct. 13, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-15519

    Power-Response before 2019-02-02 allows directory traversal (up to the application's main directory) via a plugin.... Read more

    Affected Products : power-response
    • EPSS Score: %0.80
    • Published: Aug. 23, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-2388

    Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."... Read more

    Affected Products : opensuse opensuse
    • EPSS Score: %0.34
    • Published: Jun. 06, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2004-2159

    Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unknown impact and attack vectors via (1) xml_elem.c and (2) xml_select.c.... Read more

    Affected Products : command_line_xml_toolkit
    • EPSS Score: %0.43
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2009-2317

    The Axesstel MV 410R has a certain default administrator password, and does not force a password change, which makes it easier for remote attackers to obtain access.... Read more

    Affected Products : mv_410r
    • EPSS Score: %0.88
    • Published: Jul. 05, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-19646

    The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled.... Read more

    Affected Products : securesphere
    • EPSS Score: %2.61
    • Published: Nov. 28, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-12925

    Baseon Lantronix MSS devices do not require a password for TELNET access.... Read more

    Affected Products : mss_firmware mss
    • EPSS Score: %0.30
    • Published: Jun. 28, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-13551

    Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Path traversal vulnerabilities are caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage these vulnerabilities to remotely execute code w... Read more

    Affected Products : wise-paas\/rmm
    • EPSS Score: %0.99
    • Published: Oct. 31, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-1291

    Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSocket... Read more

    • EPSS Score: %29.75
    • Published: Apr. 30, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2015-7253

    The Web Console in Commvault Edge Server 10 R2 allows remote attackers to execute arbitrary OS commands via crafted serialized data in a cookie.... Read more

    Affected Products : edge_server
    • EPSS Score: %0.81
    • Published: Nov. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2019-14017

    Heap buffer overflow can occur while parsing invalid MKV clip which is not standard and have invalid vorbis codec data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Sna... Read more

    • EPSS Score: %0.43
    • Published: Jan. 21, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-2331

    Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Vo... Read more

    • EPSS Score: %0.33
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-14313

    A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.... Read more

    Affected Products : photo_gallery
    • EPSS Score: %4.14
    • Published: Jul. 30, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-14527

    An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. System commands can be executed, via the web interface, after authentication.... Read more

    Affected Products : mr1100_firmware mr1100
    • EPSS Score: %0.51
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-3935

    Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors.... Read more

    • EPSS Score: %0.45
    • Published: Nov. 12, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 290977 Results