Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    CRITICAL
    CVE-2020-6144

    A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The username variable which is set at line 121 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can sen... Read more

    Affected Products : opensis
    • EPSS Score: %10.78
    • Published: Sep. 01, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-15815

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a potential buffer overflow can happen when processing any 802.11 MGMT frames like Auth frame in limProcessAuthFrame.... Read more

    Affected Products : android
    • EPSS Score: %0.63
    • Published: Mar. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-6288

    Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize."... Read more

    Affected Products : typo3 apache_solr
    • EPSS Score: %0.50
    • Published: Oct. 28, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2022-33936

    Cloud Mobility for Dell EMC Storage, 1.3.0.XXX contains a RCE vulnerability. A non-privileged user could potentially exploit this vulnerability, leading to achieving a root shell. This is a critical issue; so Dell recommends customers to upgrade at the ea... Read more

    • EPSS Score: %0.43
    • Published: Jul. 07, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-0251

    Stack-based buffer overflow in llogincircuit.cc in latd 1.25 through 1.30 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the llogin version.... Read more

    Affected Products : latd
    • EPSS Score: %10.01
    • Published: Mar. 19, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-2244

    Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Sna... Read more

    • EPSS Score: %0.33
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-1319

    Unspecified vulnerability in the IOPCServer::RemoveGroup function in the OPCDA interface in Takebishi Electric DeviceXPlorer OLE for Process Control (OPC) Server before 3.12 Build3 allows remote attackers to execute arbitrary code via unspecified vectors ... Read more

    Affected Products : devicexplorer_opc_server
    • EPSS Score: %45.34
    • Published: Mar. 19, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1393

    PHP remote file inclusion vulnerability in mysave.php in Magic CMS 4.2.747 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.... Read more

    Affected Products : magic_cms
    • EPSS Score: %8.47
    • Published: Mar. 10, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2019-2252

    Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,... Read more

    • EPSS Score: %1.20
    • Published: Sep. 30, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-38611

    A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to execute arbitrary commands, as root, via shell metacharacters in the filename parameter to assets/index.php.... Read more

    Affected Products : remkon_device_manager
    • EPSS Score: %4.92
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-9828

    '/cgi-bin/admin/testserver.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable to shell command injection, which allows remote attackers to execute any shell command as root via a crafted HTTP request. This vulnerability is alread... Read more

    • EPSS Score: %57.86
    • Published: Jun. 23, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2013-6822

    GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue.... Read more

    Affected Products : netweaver
    • EPSS Score: %1.52
    • Published: Nov. 20, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-2045

    In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation... Read more

    Affected Products : android
    • EPSS Score: %0.87
    • Published: May. 08, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-2047

    In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation... Read more

    Affected Products : android
    • EPSS Score: %0.87
    • Published: May. 08, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-9198

    The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.... Read more

    • EPSS Score: %0.68
    • Published: Jan. 27, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-24651

    A syslogtempletselectwin expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %2.83
    • Published: Oct. 19, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-6293

    Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 6 R1.3 allow attackers to gain privileges via "some HMC commands."... Read more

    Affected Products : hardware_management_console
    • EPSS Score: %0.95
    • Published: Dec. 10, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2021-1459

    A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper v... Read more

    • EPSS Score: %1.45
    • Published: Apr. 08, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-14714

    System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter.... Read more

    Affected Products : rt-ac3200_firmware rt-ac3200
    • EPSS Score: %67.25
    • Published: May. 13, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-6660

    GE Healthcare Precision MPi has a password of (1) orion for the serviceapp user, (2) orion for the clinical operator user, and (3) PlatinumOne for the administrator user, which has unspecified impact and attack vectors. NOTE: it is not clear whether thes... Read more

    Affected Products : precision_mpi
    • EPSS Score: %0.57
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291275 Results