Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.4

    CRITICAL
    CVE-2023-33987

    An unauthenticated attacker in SAP Web Dispatcher - versions WEBDISP 7.49, WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.81, WEBDISP 7.85, WEBDISP 7.88, WEBDISP 7.89, WEBDISP 7.90, KERNEL 7.49, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.81, KERN... Read more

    Affected Products : web_dispatcher
    • EPSS Score: %0.14
    • Published: Jul. 11, 2023
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2021-31217

    In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM.... Read more

    Affected Products : dameware_mini_remote_control
    • EPSS Score: %0.26
    • Published: Jul. 13, 2021
    • Modified: Nov. 21, 2024

  • 9.4

    CRITICAL
    CVE-2023-22644

    A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE.... Read more

    Affected Products : manager_server
    • EPSS Score: %0.04
    • Published: Sep. 20, 2023
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2016-3546

    Unspecified vulnerability in the Oracle Advanced Collections component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Report JSPs.... Read more

    • EPSS Score: %1.22
    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025

  • 9.4

    HIGH
    CVE-2013-2352

    LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mechanism for disabling the HP Support challenge-response root-login feature, which makes it easier for remote attackers to obtain administrative access by lev... Read more

    • EPSS Score: %2.22
    • Published: Jul. 10, 2013
    • Modified: Apr. 11, 2025

  • 9.4

    HIGH
    CVE-2012-2627

    d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allows remote attackers to create or overwrite arbitrary files in %PROGRAMFILES%\Scrutinizer\snmp\mibs\ via a multipart/form-data POST request.... Read more

    Affected Products : scrutinizer
    • EPSS Score: %9.54
    • Published: Jul. 31, 2012
    • Modified: Apr. 11, 2025

  • 9.4

    HIGH
    CVE-2018-14999

    The Leagoo P1 device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.wtk.factory (versionCode=1, versionName=1.0) that contains an exp... Read more

    Affected Products : p1_firmware p1
    • EPSS Score: %0.42
    • Published: Apr. 25, 2019
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2002-2269

    Directory traversal vulnerability in Webster HTTP Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.... Read more

    Affected Products : webster_http_server
    • EPSS Score: %0.09
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 9.4

    HIGH
    CVE-2018-14989

    The Plum Compass Android device with a build fingerprint of PLUM/c179_hwf_221/c179_hwf_221:6.0/MRA58K/W16.51.5-22:user/release-keys contains a pre-installed platform app with a package name of com.android.settings (versionCode=23, versionName=6.0-eng.root... Read more

    Affected Products : compass_firmware compass
    • EPSS Score: %0.29
    • Published: Apr. 25, 2019
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2018-14062

    The COSPAS-SARSAT protocol allows remote attackers to forge messages, replay encrypted messages, conduct denial of service attacks, and send private messages (unrelated to distress alerts) via a crafted 406 MHz digital signal.... Read more

    Affected Products : cospas-sarsat_system
    • EPSS Score: %0.76
    • Published: Aug. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.4

    CRITICAL
    CVE-2023-22501

    An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances_._ With write access to... Read more

    Affected Products : jira_service_management
    • EPSS Score: %1.67
    • Published: Feb. 01, 2023
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2007-5862

    Java in Mac OS X 10.4 through 10.4.11 allows remote attackers to bypass Keychain access controls and add or delete arbitrary Keychain items via a crafted Java applet.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.21
    • Published: Dec. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.4

    HIGH
    CVE-2007-3191

    Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function.... Read more

    • EPSS Score: %5.55
    • Published: Jun. 12, 2007
    • Modified: Apr. 09, 2025

  • 9.4

    HIGH
    CVE-2007-2644

    A certain ActiveX control in Morovia Barcode ActiveX Professional 3.3.1304 allows remote attackers to overwrite arbitrary files by calling the Save method with an arbitrary filename.... Read more

    Affected Products : barcode_activex_control
    • EPSS Score: %10.31
    • Published: May. 13, 2007
    • Modified: Apr. 09, 2025

  • 9.4

    HIGH
    CVE-2006-6767

    oftpd before 0.3.7 allows remote attackers to cause a denial of service (daemon abort) via a (1) LPRT or (2) LPASV command with an unsupported address family, which triggers an assertion failure.... Read more

    Affected Products : oftpd
    • EPSS Score: %9.17
    • Published: Jan. 16, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-4042

    An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer.... Read more

    Affected Products : pcvue frontvue pcvue plantvue
    • EPSS Score: %29.58
    • Published: Apr. 03, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3553

    Nitro Pro 7.5.0.22 and earlier and Nitro Reader 2.5.0.36 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file.... Read more

    Affected Products : nitro_pro nitro_reader
    • EPSS Score: %0.56
    • Published: Feb. 08, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1986

    In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege in system_server with no additional execution privileges needed. User interaction is ne... Read more

    Affected Products : android
    • EPSS Score: %0.34
    • Published: Feb. 28, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2014-2731

    Multiple unspecified vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to execute arbitrary code via HTTP traffic to port (1) 4999 or (2) 80.... Read more

    Affected Products : sinema_server
    • EPSS Score: %2.36
    • Published: Apr. 19, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2021-1812

    A logic issue was addressed with improved validation. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to execute arbitrary code with system privileges.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.39
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292386 Results