Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.3

    CRITICAL
    CVE-2025-7353

    A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, ...

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Misconfiguration
  • 9.3

    HIGH
    CVE-2007-4203

    Session fixation vulnerability in Mambo 4.6.2 CMS allows remote attackers to hijack web sessions by setting the Cookie parameter....

    Affected Products : mambo_open_source
    • Published: Aug. 08, 2007
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2008-5383

    Stack-based buffer overflow in National Instruments Electronics Workbench allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted .ewb file....

    Affected Products : electronics_workbench
    • Published: Dec. 09, 2008
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2007-6713

    Unspecified vulnerability in Flip4Mac WMV before 2.2.0.49 has unknown impact and attack vectors related to malformed WMV files....

    Affected Products : flip4mac_wmv
    • Published: Apr. 16, 2008
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2008-5664

    Stack-based buffer overflow in Realtek Media Player (aka Realtek Sound Manager, RtlRack, or rtlrack.exe) 1.15.0.0 allows remote attackers to execute arbitrary code via a crafted playlist (PLA) file....

    Affected Products : realtek_media_player
    • Published: Dec. 19, 2008
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2008-0248

    Buffer overflow in an ActiveX control in ccpm_0237.dll for StreamAudio ChainCast ProxyManager allows remote attackers to execute arbitrary code via a long URL argument to the InternalTuneIn method....

    • Published: Jan. 12, 2008
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2011-3690

    Untrusted search path vulnerability in PlotSoft PDFill PDF Editor 8.0 allows local users to gain privileges via a Trojan horse mfc70enu.dll or mfc80loc.dll in the current working directory....

    Affected Products : pdfill_pdf_editor
    • Published: Sep. 27, 2011
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2008-0702

    Multiple heap-based buffer overflows in Titan FTP Server 6.03 and 6.0.5.549 allow remote attackers to cause a denial of service (daemon crash or hang) and possibly execute arbitrary code via a long argument to the (1) USER or (2) PASS command, different v...

    Affected Products : titan_ftp_server
    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2011-4043

    Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value for an integer parameter, leading to a buffer overflow...

    Affected Products : pcvue frontvue pcvue plantvue
    • Published: Apr. 03, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2011-4783

    The IDAPython plugin before 1.5.2.3 in IDA Pro allows user-assisted remote attackers to execute arbitrary code via a crafted IDB file, related to improper handling of certain swig_runtime_data files in the current working directory....

    Affected Products : ida idapython
    • Published: Dec. 27, 2011
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2009-0812

    Stack-based buffer overflow in BreakPoint Software Hex Workshop 4.23, 6.0.1.4603, and other 6.x and earlier versions allows remote attackers to execute arbitrary code via a crafted Intel Hex Code (.hex) file. NOTE: some of these details are obtained from ...

    Affected Products : hex_workshop
    • Published: Mar. 04, 2009
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2016-10275

    An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device co...

    Affected Products : android
    • Published: May. 12, 2017
    • Modified: Apr. 20, 2025
  • 9.3

    HIGH
    CVE-2016-10439

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, there is a TOCTOU vulnerability in the input validation for bulletin_board...

    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2016-10560

    galenframework-cli is the node wrapper for the Galen Framework. galenframework-cli below 2.3.1 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the req...

    Affected Products : galenframework-cli
    • Published: May. 31, 2018
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2016-10650

    ntfserver is a Network Testing Framework Server. ntfserver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker cont...

    Affected Products : ntfserver
    • Published: May. 29, 2018
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2016-10659

    poco - The POCO libraries, downloads source file resources used for compilation over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker control...

    Affected Products : poco
    • Published: May. 29, 2018
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2016-1929

    The XS engine in SAP HANA allows remote attackers to spoof log entries in trace files and consequently cause a denial of service (disk consumption and process crash) via a crafted HTTP request, related to an unspecified debug function, aka SAP Security No...

    Affected Products : hana
    • Published: Jan. 20, 2016
    • Modified: Apr. 12, 2025
  • 9.3

    HIGH
    CVE-2016-2448

    media/libmediaplayerservice/nuplayer/NuPlayerStreamListener.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly validate entry data structures, which allows attackers to gain ...

    Affected Products : android
    • Published: May. 09, 2016
    • Modified: Apr. 12, 2025
  • 9.3

    HIGH
    CVE-2016-2472

    The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27776888....

    Affected Products : android
    • Published: Jun. 13, 2016
    • Modified: Apr. 12, 2025
  • 9.3

    HIGH
    CVE-2016-2486

    mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate the relationship between allocated memory and the frame size, which allows attackers to ga...

    Affected Products : android
    • Published: Jun. 13, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 293315 Results