Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2000-0551

    The file transfer mechanism in Danware NetOp 6.0 does not provide authentication, which allows remote attackers to access and modify arbitrary files.... Read more

    Affected Products : netop
    • EPSS Score: %0.71
    • Published: May. 23, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2020-8636

    An issue was discovered in OpServices OpMon 9.3.2 that allows Remote Code Execution .... Read more

    Affected Products : opmon
    • EPSS Score: %4.75
    • Published: Feb. 06, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2001-0218

    Format string vulnerability in mars_nwe 0.99.pl19 allows remote attackers to execute arbitrary commands.... Read more

    Affected Products : mars_nwe
    • EPSS Score: %2.32
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2020-3280

    A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to insecure deserializa... Read more

    Affected Products : unified_contact_center_express
    • EPSS Score: %6.34
    • Published: May. 22, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2001-0629

    HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain addition privileges via a buffer overflow attack in the '-restore_config' command line parameter.... Read more

    Affected Products : openview_network_node_manager
    • EPSS Score: %0.98
    • Published: Aug. 14, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-17066

    An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/form2systime.cgi route. This could lead to command injection via shell metacharacters in... Read more

    Affected Products : dir-816_a2_firmware dir-816_a2
    • EPSS Score: %29.49
    • Published: Sep. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-1567

    Multiple stack-based buffer overflows in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted (... Read more

    Affected Products : igss
    • EPSS Score: %79.00
    • Published: Apr. 05, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-6601

    libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 22935234.... Read more

    Affected Products : android
    • EPSS Score: %1.47
    • Published: Oct. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2019-12326

    Missing file and path validation in the ringtone upload function of the Akuvox R50P VoIP phone 50.0.6.156 allows an attacker to upload a manipulated ringtone file, with an executable payload (shell commands within the file) and trigger code execution.... Read more

    Affected Products : sp-r50p_firmware sp-r50p
    • EPSS Score: %1.56
    • Published: Jul. 22, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-3980

    PHP remote file inclusion vulnerability in page.php in RCMS Pro RGameScript Pro allows remote attackers to execute arbitrary PHP code via a URL in the id parameter.... Read more

    Affected Products : rgamescript_pro
    • EPSS Score: %1.75
    • Published: Jul. 25, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2719

    Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie.... Read more

    Affected Products : systems_insight_manager
    • EPSS Score: %5.72
    • Published: May. 16, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2003-1595

    NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.... Read more

    Affected Products : netware netware_ftp_server
    • EPSS Score: %0.29
    • Published: Apr. 05, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-0104

    Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    • EPSS Score: %10.75
    • Published: Mar. 18, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3492

    Stack-based buffer overflow in Azeotech DAQFactory 5.85 build 1853 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted NETB packet to UDP port 20034.... Read more

    Affected Products : daqfactory
    • EPSS Score: %78.30
    • Published: Sep. 16, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-9042

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists when processing a QMI message.... Read more

    Affected Products : android
    • EPSS Score: %0.19
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-9068

    In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a mink syscall is not properly validated.... Read more

    Affected Products : android
    • EPSS Score: %0.15
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2010-4725

    Smarty before 3.0.0 RC3 does not properly handle an on value of the asp_tags option in the php.ini file, which has unspecified impact and remote attack vectors.... Read more

    Affected Products : smarty
    • EPSS Score: %0.44
    • Published: Feb. 03, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-2810

    SQL injection vulnerability in down_indir.asp in Gazi Download Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party in... Read more

    Affected Products : gazi_download_portal
    • EPSS Score: %0.39
    • Published: May. 22, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-4099

    Multiple unspecified vulnerabilities in OpenAL32.dll in JOAL 2.0-rc11, as used in JOGAMP, allow context-dependent attackers to execute arbitrary code via a crafted parameter to the (1) alAuxiliaryEffectSlotf1, (2) alBuffer3f1, (3) alBufferfv1, (4) alDelet... Read more

    Affected Products : joal jogamp
    • EPSS Score: %1.50
    • Published: Jun. 13, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-2936

    Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.... Read more

    Affected Products : cloudportal_services_manager
    • EPSS Score: %0.42
    • Published: Sep. 12, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291222 Results