Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2008-2486

    Unspecified vulnerability in eMule Plus before 1.2d has unknown impact and attack vectors related to "staticservers.dat processing."... Read more

    Affected Products : emule_plus
    • EPSS Score: %0.40
    • Published: May. 28, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2026

    Stack-based buffer overflow in a token searching function in the dtscore library in Data Transport Services in CA Software Delivery r11.2 C1, C2, C3, and SP4; Unicenter Software Delivery 4.0 C3; CA Advantage Data Transport 3.0 C1; and CA IT Client Manager... Read more

    • EPSS Score: %25.56
    • Published: Aug. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2015-3834

    Multiple integer overflows in the BnHDCP::onTransact function in media/libmedia/IHDCP.cpp in libstagefright in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application that uses HDCP encryption, leading to a heap-bas... Read more

    Affected Products : android
    • EPSS Score: %0.19
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2012-5196

    Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors.... Read more

    Affected Products : condor
    • EPSS Score: %0.78
    • Published: Sep. 28, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2021-20716

    Hidden functionality in multiple Buffalo network devices (BHR-4RV firmware Ver.2.55 and prior, FS-G54 firmware Ver.2.04 and prior, WBR2-B11 firmware Ver.2.32 and prior, WBR2-G54 firmware Ver.2.32 and prior, WBR2-G54-KD firmware Ver.2.32 and prior, WBR-B11... Read more

    • EPSS Score: %3.03
    • Published: Apr. 28, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-6097

    Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are "incorrectly accepted."... Read more

    Affected Products : ingate_firewall ingate_siparator
    • EPSS Score: %0.34
    • Published: Nov. 22, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2020-14516

    In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly.... Read more

    Affected Products : factorytalk_services_platform
    • EPSS Score: %0.18
    • Published: Mar. 18, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-3871

    libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23031033.... Read more

    Affected Products : android
    • EPSS Score: %1.47
    • Published: Oct. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2019-10538

    Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ... Read more

    • EPSS Score: %0.33
    • Published: Sep. 30, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-6222

    Stack-based buffer overflow in the NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 allows remote attackers to execute arbitrary code via a long request with a malformed length p... Read more

    • EPSS Score: %39.13
    • Published: Dec. 14, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-4798

    Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705.... Read more

    Affected Products : loadrunner
    • EPSS Score: %82.92
    • Published: Jul. 29, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-20114

    On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an "&&" substring in the service parameter. NOTE: this issue exists because of ... Read more

    • EPSS Score: %8.60
    • Published: Jan. 02, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2019-10686

    An SSRF vulnerability was found in an API from Ctrip Apollo through 1.4.0-SNAPSHOT. An attacker may use it to do an intranet port scan or raise a GET request via /system-info/health because the %23 substring is mishandled.... Read more

    Affected Products : apollo
    • EPSS Score: %0.35
    • Published: Apr. 01, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-4031

    Directory traversal vulnerability in saveFile.jsp in the development installation in Visual Mining NetChart allows remote attackers to write to arbitrary files via unspecified vectors.... Read more

    Affected Products : netcharts_server
    • EPSS Score: %40.63
    • Published: May. 29, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2021-32941

    Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (r... Read more

    Affected Products : n48pbb_firmware n48pbb
    • EPSS Score: %1.55
    • Published: May. 23, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-5895

    Multiple unspecified vulnerabilities in iRODS before 3.1 have unknown impact and attack vectors.... Read more

    Affected Products : irods
    • EPSS Score: %0.38
    • Published: Nov. 17, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-3491

    The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator components in TIBCO ActiveMatrix Service Grid before 2.3.1, ActiveMatrix Service Bus before 2.3.1, ActiveMatrix BusinessWorks Service Engine before 5.8.1, and ActiveMatrix Service Performance... Read more

    • EPSS Score: %6.03
    • Published: Oct. 26, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4908

    TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php.... Read more

    Affected Products : tinybrowser
    • EPSS Score: %61.85
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-13306

    System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ftpUser" POST parameter.... Read more

    Affected Products : a3002ru_firmware a3002ru
    • EPSS Score: %15.30
    • Published: Nov. 27, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-17506

    There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVICES in conjuncti... Read more

    • EPSS Score: %92.73
    • Published: Oct. 11, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291368 Results