Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.4

    CRITICAL
    CVE-2021-32642

    radsecproxy is a generic RADIUS proxy that supports both UDP and TLS (RadSec) RADIUS transports. Missing input validation in radsecproxy's `naptr-eduroam.sh` and `radsec-dynsrv.sh` scripts can lead to configuration injection via crafted radsec peer discov... Read more

    Affected Products : fedora radsecproxy
    • EPSS Score: %1.04
    • Published: May. 28, 2021
    • Modified: Nov. 21, 2024

  • 9.4

    CRITICAL
    CVE-2022-43761

    Missing authentication when creating and managing the B&R APROL database in versions < R 4.2-07 allows reading and changing the system configuration.  ... Read more

    Affected Products : industrial_automation_aprol
    • EPSS Score: %0.07
    • Published: Feb. 08, 2023
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2022-30711

    Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.... Read more

    Affected Products : android dex
    • EPSS Score: %0.06
    • Published: Jun. 07, 2022
    • Modified: Nov. 21, 2024

  • 9.4

    CRITICAL
    CVE-2023-1899

    Atlas Copco Power Focus 6000 web server is not a secure connection by default, which could allow an attacker to gain sensitive information by monitoring network traffic between user and controller.... Read more

    • EPSS Score: %0.08
    • Published: Jun. 12, 2023
    • Modified: Nov. 21, 2024

  • 9.4

    CRITICAL
    CVE-2021-22272

    The vulnerability origins in the commissioning process where an attacker of the ControlTouch can enter a serial number in a specific way to transfer the device virtually into her/his my.busch-jaeger.de or mybuildings.abb.com profile. A successful attacker... Read more

    Affected Products : mybuildings mybusch-jaeger
    • EPSS Score: %0.19
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 9.4

    CRITICAL
    CVE-2024-35783

    A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information Server 2020 (All versions < V2020 SP2 Update 5), SIMATIC Information Server 2022 (All versions < V2022 SP1 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2... Read more

    • Published: Sep. 10, 2024
    • Modified: Jan. 14, 2025

  • 9.4

    CRITICAL
    CVE-2024-33499

    A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1... Read more

    Affected Products : simatic_rtls_locating_manager
    • Published: May. 14, 2024
    • Modified: Nov. 21, 2024

  • 9.4

    CRITICAL
    CVE-2024-56333

    Onyxia is a web app that aims at being the glue between multiple open source backend technologies to provide a state of art working environment for data scientists. This critical vulnerability allows authenticated users to remotely execute code within the... Read more

    Affected Products :
    • Published: Dec. 20, 2024
    • Modified: Dec. 20, 2024

  • 9.4

    CRITICAL
    CVE-2024-6235

    Sensitive information disclosure in NetScaler Console... Read more

    Affected Products : netscaler_console
    • Published: Jul. 10, 2024
    • Modified: May. 14, 2025

  • 9.4

    CRITICAL
    CVE-2024-39815

    Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of serv... Read more

    • Published: Aug. 12, 2024
    • Modified: Aug. 20, 2024

  • 9.4

    CRITICAL
    CVE-2023-35871

    The SAP Web Dispatcher - versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP 7.89, WEBDISP 7.91, WEBDISP 7.92, WEBDISP 7.93, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KRNL64... Read more

    Affected Products : web_dispatcher
    • EPSS Score: %0.38
    • Published: Jul. 11, 2023
    • Modified: Nov. 21, 2024

  • 9.4

    CRITICAL
    CVE-2025-27133

    WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was discovered in the WeGIA application prior to version 3.2.15 at the `adicionar_tipo_exame.php` endpoint. This vulnerability allows an authorized attacker to execute arbit... Read more

    Affected Products : wegia
    • Published: Feb. 24, 2025
    • Modified: Feb. 24, 2025
    • Vuln Type: Injection

  • 9.4

    HIGH
    CVE-2007-2271

    Directory traversal vulnerability in Rajneel Lal TotaRam USP FOSS Distribution 1.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the dnld parameter.... Read more

    Affected Products : usp_foss_distribution
    • EPSS Score: %6.76
    • Published: Apr. 25, 2007
    • Modified: Apr. 09, 2025

  • 9.4

    CRITICAL
    CVE-2024-25527

    RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /PersonalAffair/worklog_template_show.aspx.... Read more

    Affected Products : ruvaroa
    • Published: May. 08, 2024
    • Modified: Apr. 17, 2025

  • 9.4

    CRITICAL
    CVE-2019-17354

    wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00(AARP.9)C0 can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify data fields of the page.... Read more

    Affected Products : nbg-418n_v2_firmware nbg-418n_v2
    • EPSS Score: %0.30
    • Published: Oct. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2014-6221

    The MSCAPI/MSCNG interface implementation in GSKit in IBM Rational ClearCase 7.1.2.x before 7.1.2.17, 8.0.0.x before 8.0.0.14, and 8.0.1.x before 8.0.1.7 does not properly generate random numbers, which makes it easier for remote attackers to defeat crypt... Read more

    Affected Products : rational_clearcase
    • EPSS Score: %0.63
    • Published: Apr. 06, 2015
    • Modified: Apr. 12, 2025

  • 9.4

    HIGH
    CVE-2015-8753

    SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to "Insecure signature," aka SAP Security Note 2134905.... Read more

    Affected Products : afaria
    • EPSS Score: %0.47
    • Published: Jan. 08, 2016
    • Modified: Apr. 12, 2025

  • 9.4

    HIGH
    CVE-2019-14011

    Multiple Read overflows issue due to improper length check while decoding 3G attach accept/ SMS/ pdn connection reject/ esm data transport/ bearer modify context reject in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial... Read more

    • EPSS Score: %0.24
    • Published: Apr. 16, 2020
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2016-0699

    Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to the Login sub-component.... Read more

    • EPSS Score: %0.67
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 9.4

    HIGH
    CVE-2005-4853

    The default configuration of the forum package in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050818 does not restrict edit permissions to a posting's owner, which allows remote authenticated users to edit arbitrar... Read more

    Affected Products : ez_publish
    • EPSS Score: %0.44
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291316 Results