Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, it appears on the CISA KEV List), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2000-0515

    The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges.

    Affected Products : hp-ux
    • EPSS Score: 1.47%
    • Published: Jun. 07, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2018-16803

    In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser allows attackers to execute SQL code.

    Affected Products : cimscan
    • EPSS Score: 0.62%
    • Published: Jan. 10, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-1999-1588

    Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766.

    Affected Products : solaris
    • EPSS Score: 6.85%
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2016-0815

    The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service ...

    Affected Products : android
    • EPSS Score: 1.90%
    • Published: Mar. 12, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2000-0166

    Buffer overflow in the InterAccess telnet server TelnetD allows remote attackers to execute commands via a long login name.

    Affected Products : interaccess_telnetd_server
    • EPSS Score: 5.00%
    • Published: Feb. 21, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2004-0962

    Apple Remote Desktop Client 1.2.4 executes a GUI application as root when it is started by an Apple Remote Desktop Administrator application, which allows remote authenticated users to execute arbitrary code when loginwindow is active via Fast User Switch...

    Affected Products : apple_remote_desktop
    • EPSS Score: 1.78%
    • Published: Feb. 09, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-0551

    The file transfer mechanism in Danware NetOp 6.0 does not provide authentication, which allows remote attackers to access and modify arbitrary files.

    Affected Products : netop
    • EPSS Score: 0.71%
    • Published: May 23, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2020-8636

    An issue was discovered in OpServices OpMon 9.3.2 that allows Remote Code Execution.

    Affected Products : opmon
    • EPSS Score: 4.75%
    • Published: Feb. 06, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2001-0218

    Format string vulnerability in mars_nwe 0.99.pl19 allows remote attackers to execute arbitrary commands.

    Affected Products : mars_nwe
    • EPSS Score: 2.32%
    • Published: May 03, 2001
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2020-3280

    A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to insecure deserializa...

    Affected Products : unified_contact_center_express
    • EPSS Score: 6.34%
    • Published: May 22, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2001-0629

    HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain additional privileges via a buffer overflow attack in the '-restore_config' command line parameter.

    Affected Products : openview_network_node_manager
    • EPSS Score: 0.98%
    • Published: Aug. 14, 2001
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2018-17066

    An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/form2systime.cgi route. This could lead to command injection via shell metacharacters in...

    Affected Products : dir-816_a2_firmware dir-816_a2
    • EPSS Score: 29.49%
    • Published: Sep. 15, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2011-1567

    Multiple stack-based buffer overflows in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted (...

    Affected Products : igss
    • EPSS Score: 79.00%
    • Published: Apr. 05, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2015-6601

    libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 22935234.

    Affected Products : android
    • EPSS Score: 1.47%
    • Published: Oct. 06, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2019-12326

    Missing file and path validation in the ringtone upload function of the Akuvox R50P VoIP phone 50.0.6.156 allows an attacker to upload a manipulated ringtone file, with an executable payload (shell commands within the file) and trigger code execution.

    Affected Products : sp-r50p_firmware sp-r50p
    • EPSS Score: 1.56%
    • Published: Jul. 22, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2007-3980

    PHP remote file inclusion vulnerability in page.php in RCMS Pro RGameScript Pro allows remote attackers to execute arbitrary PHP code via a URL in the id parameter.

    Affected Products : rgamescript_pro
    • EPSS Score: 1.75%
    • Published: Jul. 25, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-2719

    Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie.

    Affected Products : systems_insight_manager
    • EPSS Score: 5.72%
    • Published: May 16, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2003-1595

    NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.

    Affected Products : netware netware_ftp_server
    • EPSS Score: 0.29%
    • Published: Apr. 05, 2010
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2010-0104

    Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors.

    • EPSS Score: 10.75%
    • Published: Mar. 18, 2010
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2011-3492

    Stack-based buffer overflow in Azeotech DAQFactory 5.85 build 1853 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted NETB packet to UDP port 20034.

    Affected Products : daqfactory
    • EPSS Score: 78.30%
    • Published: Sep. 16, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 291005 Results