Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2011-0340

    Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904.0 in the ISSymbol virtual machine, as distributed in Advantech Studio 6.1 SP6 61.6.01.05, InduSoft Web Studio before 7.0+SP1, and InduSoft Thin Client 7.0... Read more

    • EPSS Score: %47.35
    • Published: May. 04, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-0819

    The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 25364034.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Mar. 12, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2021-38305

    23andMe Yamale before 3.0.8 allows remote attackers to execute arbitrary code via a crafted schema file. The schema parser uses eval as part of its processing, and tries to protect from malicious expressions by limiting the builtins that are passed to the... Read more

    Affected Products : yamale
    • EPSS Score: %0.64
    • Published: Aug. 09, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-0912

    Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php in Jportal 2.3.1, and possibly earlier, allows remote attackers to perform privileged actions as administrators by tricking the admin into accessing a URL with modified arguments to ad... Read more

    Affected Products : jportal_web_server
    • EPSS Score: %0.72
    • Published: Feb. 13, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1017

    PHP remote file inclusion vulnerability in show_news_inc.php in VirtualSystem VS-News-System 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter.... Read more

    Affected Products : vs-news-system
    • EPSS Score: %10.32
    • Published: Feb. 21, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-2062

    Stack-based buffer overflow in VCDGear 3.55 and 3.56 BETA allows user-assisted remote attackers to execute arbitrary code via a long FILE argument in a CUE file.... Read more

    Affected Products : vcdgear
    • EPSS Score: %6.84
    • Published: Apr. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-2585

    Stack-based buffer overflow in the Verify function in the BarCodeWiz ActiveX control 2.0 and 2.52 (BarcodeWiz.dll) allows remote attackers to execute arbitrary code via a long argument.... Read more

    Affected Products : barcode_activex_control
    • EPSS Score: %8.50
    • Published: May. 10, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-3296

    The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods.... Read more

    Affected Products : web_thunderbolt
    • EPSS Score: %0.62
    • Published: Jun. 20, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-3963

    Multiple cross-site scripting (XSS) vulnerabilities in UseBB 1.0.7, and possibly other 1.0.x versions, allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF) to (1) upgrade-0-2-3.php, (2) upgrade-0-3.php, or (3) upgrade... Read more

    Affected Products : usebb
    • EPSS Score: %1.43
    • Published: Jul. 25, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-2163

    Unspecified vulnerability in Virtualization Manager 1.2.2 in IBM Systems Director 1.2.2 has unknown impact and attack vectors.... Read more

    • EPSS Score: %0.51
    • Published: May. 20, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-4473

    Multiple heap-based buffer overflows in Adobe Flash CS3 Professional on Windows and Flash MX 2004 allow remote attackers to execute arbitrary code via an SWF file containing long control parameters.... Read more

    Affected Products : flash_player windows flash
    • EPSS Score: %20.94
    • Published: Oct. 17, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5176

    Multiple buffer overflows in Client Software WinCom LPD Total 3.0.2.623 and earlier allow remote attackers to execute arbitrary code via (1) a long 0x02 command to the remote administration service on TCP port 13500 or (2) a long invalid control filename ... Read more

    Affected Products : wincom_mpd_total
    • EPSS Score: %8.20
    • Published: Nov. 20, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-6748

    Eval injection vulnerability in Megacubo 5.0.7 allows remote attackers to inject and execute arbitrary PHP code via the play action in a mega:// URI.... Read more

    Affected Products : megacubo
    • EPSS Score: %7.29
    • Published: Apr. 24, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-4644

    Splunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable functionality within an environment that intentionally does not support authentication, which allows remote attackers to (1) read arbitrary files via a management-c... Read more

    Affected Products : splunk
    • EPSS Score: %5.89
    • Published: Jan. 03, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-10688

    Haxe 3 : The Cross-Platform Toolkit (a fork from David Mouton's damoebius/haxe-npm) haxe3 downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested reso... Read more

    Affected Products : haxe
    • EPSS Score: %0.77
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-10691

    windows-seleniumjar is a module that downloads the Selenium Jar file windows-seleniumjar downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requeste... Read more

    Affected Products : windows-seleniumjar
    • EPSS Score: %0.77
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-1495

    Integer overflow in the graphics drivers in Huawei Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or g... Read more

    Affected Products : mate_s_firmware mate_s
    • EPSS Score: %0.06
    • Published: Apr. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2452

    codecs/amrnb/dec/SoftAMR.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate buffer sizes, which allows attackers to gain privileges via a crafted applicatio... Read more

    Affected Products : android
    • EPSS Score: %0.07
    • Published: May. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2481

    The mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gain privileges via a crafted application, as demonstrated ... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3793

    The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28026625.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jul. 11, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292319 Results