Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.3

    HIGH
    CVE-2012-3815

    Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from ...

    Affected Products : winlog_lite winlog_pro
    • EPSS Score: 80.82%
    • Published: Jun. 27, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-4353

    Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open at...

    Affected Products : winlog_lite winlog_pro
    • EPSS Score: 13.21%
    • Published: Aug. 19, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-4355

    TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect fu...

    Affected Products : winlog_lite winlog_pro
    • EPSS Score: 30.76%
    • Published: Aug. 19, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-4357

    Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to exe...

    Affected Products : winlog_lite winlog_pro
    • EPSS Score: 23.45%
    • Published: Aug. 19, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-4358

    Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or pos...

    Affected Products : winlog_lite winlog_pro
    • EPSS Score: 1.68%
    • Published: Aug. 19, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2010-5189

    Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an H...

    • EPSS Score: 0.57%
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2011-5171

    Multiple stack-based buffer overflows in CyberLink Power2Go 7 (build 196) and 8 (build 1031) allow remote attackers to execute arbitrary code via the (1) src and (2) name parameters in a p2g project file.

    Affected Products : power2go
    • EPSS Score: 59.81%
    • Published: Sep. 15, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-5006

    Heap-based buffer overflow in npdjvu.dll in Caminova DjVu Browser Plug-in 6.1.4 Build 27351 and other versions before 6.1.4.27993 allows remote attackers to execute arbitrary code via a crafted Sjbz chunk in a djvu file.

    Affected Products : djvu_browser_plug-in
    • EPSS Score: 7.85%
    • Published: Sep. 19, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-6422

    The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memor...

    Affected Products : mx galaxy_note_2 galaxy_s2
    • EPSS Score: 6.61%
    • Published: Dec. 18, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-6271

    Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of arbitrary signed Xtras via a Shockwave movie that contains an Xtra URL, as demonstrated by a URL for an outdated Xtra.

    Affected Products : shockwave_player
    • EPSS Score: 0.59%
    • Published: Dec. 20, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2013-0710

    Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows remote attackers to execute arbitrary code via a crafted RTF document.

    Affected Products : writer_2007 writer_2010
    • EPSS Score: 11.00%
    • Published: Mar. 05, 2013
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2017-0450

    An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it is mitigated by current platform configurati...

    Affected Products : android
    • EPSS Score: 0.14%
    • Published: Feb. 08, 2017
    • Modified: Apr. 20, 2025
  • 9.3

    HIGH
    CVE-2012-5937

    Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and Sterling B2B Integrator 5.2, as used in IBM Sterling File Gateway 1.1 through 2.2 and other products, allows remote attackers to execut...

    • EPSS Score: 1.49%
    • Published: Apr. 12, 2013
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2013-0600

    Unspecified vulnerability on IBM WebSphere DataPower XC10 Appliance devices 2.0 and 2.1 through 2.1 FP3 allows remote attackers to bypass authentication and perform administrative actions via unknown vectors.

    • EPSS Score: 0.38%
    • Published: May. 09, 2013
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2013-0685

    Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal does not restrict unspecified size and amount values, which allows remote attackers to execute arbitrary code or cause a denial of service (resource consumption) via unk...

    Affected Products : wonderware_information_server
    • EPSS Score: 2.48%
    • Published: May. 09, 2013
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-6553

    Heap-based buffer overflow in Resource Hacker 3.6.0.92 allows remote attackers to execute arbitrary code via a Portable Executable (PE) file with a resource section containing a string that has many tab or line feed characters.

    Affected Products : resource_hacker
    • EPSS Score: 7.76%
    • Published: May. 23, 2013
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-6569

    Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to...

    • EPSS Score: 3.04%
    • Published: Jun. 20, 2013
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2013-4787

    Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows attackers to execute arbitrary code via an application package file (APK) that is modified in a way that does not violate the cryptogr...

    Affected Products : android
    • EPSS Score: 52.60%
    • Published: Jul. 09, 2013
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-6349

    Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W.

    Affected Products : lotus_notes notes keyview_idol
    • EPSS Score: 7.95%
    • Published: Jul. 18, 2013
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2013-1115

    Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a cra...

    • EPSS Score: 1.51%
    • Published: Sep. 06, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291564 Results