Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.4

    CRITICAL
    CVE-2023-22501

    An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances_._ With write access to... Read more

    Affected Products : jira_service_management
    • EPSS Score: %1.67
    • Published: Feb. 01, 2023
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2021-31217

    In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM.... Read more

    Affected Products : dameware_mini_remote_control
    • EPSS Score: %0.26
    • Published: Jul. 13, 2021
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2021-1296

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files ... Read more

    • EPSS Score: %0.44
    • Published: Feb. 04, 2021
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2020-14875

    Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker... Read more

    Affected Products : marketing
    • EPSS Score: %1.99
    • Published: Oct. 21, 2020
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2016-3546

    Unspecified vulnerability in the Oracle Advanced Collections component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Report JSPs.... Read more

    • EPSS Score: %1.22
    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025

  • 9.4

    HIGH
    CVE-2013-6207

    Unspecified vulnerability in the loadFileContents function in the SOAP implementation in HP SiteScope 10.1x, 11.1x, and 11.21 allows remote attackers to read arbitrary files or cause a denial of service via unknown vectors, aka ZDI-CAN-2084.... Read more

    Affected Products : sitescope
    • EPSS Score: %2.46
    • Published: Mar. 11, 2014
    • Modified: Apr. 12, 2025

  • 9.4

    HIGH
    CVE-2013-2352

    LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mechanism for disabling the HP Support challenge-response root-login feature, which makes it easier for remote attackers to obtain administrative access by lev... Read more

    • EPSS Score: %2.22
    • Published: Jul. 10, 2013
    • Modified: Apr. 11, 2025

  • 9.4

    CRITICAL
    CVE-2024-1874

    In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply ... Read more

    Affected Products : fedora php
    • Published: Apr. 29, 2024
    • Modified: Jun. 18, 2025

  • 9.4

    HIGH
    CVE-2012-2627

    d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allows remote attackers to create or overwrite arbitrary files in %PROGRAMFILES%\Scrutinizer\snmp\mibs\ via a multipart/form-data POST request.... Read more

    Affected Products : scrutinizer
    • EPSS Score: %9.54
    • Published: Jul. 31, 2012
    • Modified: Apr. 11, 2025

  • 9.4

    HIGH
    CVE-2010-3599

    Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect integrity and availability via unknown vectors related to Import Server. NOTE: the previous information... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %41.05
    • Published: Jan. 19, 2011
    • Modified: Apr. 11, 2025

  • 9.4

    HIGH
    CVE-2007-5862

    Java in Mac OS X 10.4 through 10.4.11 allows remote attackers to bypass Keychain access controls and add or delete arbitrary Keychain items via a crafted Java applet.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.21
    • Published: Dec. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.4

    HIGH
    CVE-2007-3191

    Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function.... Read more

    • EPSS Score: %5.21
    • Published: Jun. 12, 2007
    • Modified: Apr. 09, 2025

  • 9.4

    HIGH
    CVE-2007-2644

    A certain ActiveX control in Morovia Barcode ActiveX Professional 3.3.1304 allows remote attackers to overwrite arbitrary files by calling the Save method with an arbitrary filename.... Read more

    Affected Products : barcode_activex_control
    • EPSS Score: %10.31
    • Published: May. 13, 2007
    • Modified: Apr. 09, 2025

  • 9.4

    HIGH
    CVE-2007-0543

    ZixForum 1.14 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for Zixforum.mdb. NOTE: a followup post suggests th... Read more

    Affected Products : zixforum
    • EPSS Score: %0.29
    • Published: Jan. 29, 2007
    • Modified: Apr. 09, 2025

  • 9.4

    HIGH
    CVE-2006-6767

    oftpd before 0.3.7 allows remote attackers to cause a denial of service (daemon abort) via a (1) LPRT or (2) LPASV command with an unsupported address family, which triggers an assertion failure.... Read more

    Affected Products : oftpd
    • EPSS Score: %8.85
    • Published: Jan. 16, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-4042

    An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer.... Read more

    Affected Products : pcvue frontvue pcvue plantvue
    • EPSS Score: %29.58
    • Published: Apr. 03, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3553

    Nitro Pro 7.5.0.22 and earlier and Nitro Reader 2.5.0.36 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file.... Read more

    Affected Products : nitro_pro nitro_reader
    • EPSS Score: %0.56
    • Published: Feb. 08, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1986

    In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege in system_server with no additional execution privileges needed. User interaction is ne... Read more

    Affected Products : android
    • EPSS Score: %0.34
    • Published: Feb. 28, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-1041

    Multiple stack-based buffer overflows in S&H Computer Systems News Rover 12.1 Rev 1 allow remote attackers to execute arbitrary code via a .nzb file with a long (1) group or (2) subject string.... Read more

    Affected Products : news_rover
    • EPSS Score: %16.50
    • Published: Feb. 21, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2014-2731

    Multiple unspecified vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to execute arbitrary code via HTTP traffic to port (1) 4999 or (2) 80.... Read more

    Affected Products : sinema_server
    • EPSS Score: %2.36
    • Published: Apr. 19, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 291293 Results