Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2021-1140

    Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the De... Read more

    • EPSS Score: %7.60
    • Published: Jan. 20, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2023-51409

    Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 1.9.98. ... Read more

    Affected Products : ai_engine ai_engine
    • Published: Apr. 12, 2024
    • Modified: Apr. 08, 2025

  • 10.0

    HIGH
    CVE-2021-37749

    MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 (aka 16.6.2.66) allows blind SQL Injection via the Id (within sourceItems) parameter to the GetMap method.... Read more

    Affected Products : geomedia_webmap
    • EPSS Score: %0.92
    • Published: Aug. 30, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2010-1809

    The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors.... Read more

    Affected Products : iphone_os ipod_touch
    • EPSS Score: %0.86
    • Published: Sep. 09, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-5473

    Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote attackers to delete arbitrary files via unspecified parameters to (1) upload/updateDriver or (2) upload/addDriver or to execute arbitrary code with SYSTEM privilege... Read more

    Affected Products : syncthru_6
    • EPSS Score: %46.93
    • Published: Jun. 01, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2008-4673

    PHP remote file inclusion vulnerability in panel/common/theme/default/header_setup.php in WebBiscuits Software Events Calendar 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the (1) path[docroot] and (2) component parameters.... Read more

    Affected Products : events_calendar
    • EPSS Score: %2.48
    • Published: Oct. 22, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-7096

    Buffer overflow in the network_host_handle_join function in host.c in dimension 3 engine (dim3) 1.5 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long nickname.... Read more

    Affected Products : dim3
    • EPSS Score: %2.54
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2020-6144

    A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The username variable which is set at line 121 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can sen... Read more

    Affected Products : opensis
    • EPSS Score: %10.78
    • Published: Sep. 01, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-15815

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a potential buffer overflow can happen when processing any 802.11 MGMT frames like Auth frame in limProcessAuthFrame.... Read more

    Affected Products : android
    • EPSS Score: %0.63
    • Published: Mar. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-6288

    Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize."... Read more

    Affected Products : typo3 apache_solr
    • EPSS Score: %0.50
    • Published: Oct. 28, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2022-33936

    Cloud Mobility for Dell EMC Storage, 1.3.0.XXX contains a RCE vulnerability. A non-privileged user could potentially exploit this vulnerability, leading to achieving a root shell. This is a critical issue; so Dell recommends customers to upgrade at the ea... Read more

    • EPSS Score: %0.43
    • Published: Jul. 07, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-0251

    Stack-based buffer overflow in llogincircuit.cc in latd 1.25 through 1.30 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the llogin version.... Read more

    Affected Products : latd
    • EPSS Score: %10.01
    • Published: Mar. 19, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-2244

    Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Sna... Read more

    • EPSS Score: %0.33
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-1319

    Unspecified vulnerability in the IOPCServer::RemoveGroup function in the OPCDA interface in Takebishi Electric DeviceXPlorer OLE for Process Control (OPC) Server before 3.12 Build3 allows remote attackers to execute arbitrary code via unspecified vectors ... Read more

    Affected Products : devicexplorer_opc_server
    • EPSS Score: %45.34
    • Published: Mar. 19, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1393

    PHP remote file inclusion vulnerability in mysave.php in Magic CMS 4.2.747 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.... Read more

    Affected Products : magic_cms
    • EPSS Score: %8.47
    • Published: Mar. 10, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2019-2252

    Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,... Read more

    • EPSS Score: %1.20
    • Published: Sep. 30, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-38611

    A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to execute arbitrary commands, as root, via shell metacharacters in the filename parameter to assets/index.php.... Read more

    Affected Products : remkon_device_manager
    • EPSS Score: %4.92
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-9828

    '/cgi-bin/admin/testserver.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable to shell command injection, which allows remote attackers to execute any shell command as root via a crafted HTTP request. This vulnerability is alread... Read more

    • EPSS Score: %57.86
    • Published: Jun. 23, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2013-6822

    GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue.... Read more

    Affected Products : netweaver
    • EPSS Score: %1.52
    • Published: Nov. 20, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-2045

    In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation... Read more

    Affected Products : android
    • EPSS Score: %0.87
    • Published: May. 08, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 290988 Results