Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2011-3321

    Heap-based buffer overflow in the Siemens WinCC Runtime Advanced Loader, as used in SIMATIC WinCC flexible Runtime and SIMATIC WinCC (TIA Portal) Runtime Advanced, allows remote attackers to cause a denial of service (memory corruption) or possibly execut... Read more

    • EPSS Score: %3.50
    • Published: Sep. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4250

    Stack-based buffer overflow in the RequestScreenOptimization function in the XProcessControl.ocx ActiveX control in msls31.dll in Samsung NET-i viewer 1.37 allows remote attackers to execute arbitrary code via a long string in the first argument.... Read more

    Affected Products : net-i_viewer
    • EPSS Score: %34.71
    • Published: Aug. 13, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-2879

    Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and... Read more

    Affected Products : webex
    • EPSS Score: %2.46
    • Published: Dec. 18, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    CRITICAL
    CVE-2025-2080

    Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 contain an exposed web management service that could allow an attacker to bypass authentication measures and gain controls over utilities within the produ... Read more

    Affected Products :
    • Published: Mar. 13, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Authentication

  • 9.3

    CRITICAL
    CVE-2025-2199

    SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query in ‘searchActionsToUpdate’, ‘searchSpec... Read more

    Affected Products :
    • Published: Mar. 17, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Injection

  • 9.3

    HIGH
    CVE-2019-8539

    A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary code wi... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.28
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-9834

    Improper data protection on the ventilator's serial interface could allow an attacker to send and receive messages that result in unauthorized disclosure of information and/or have unintended impacts on device settings and performance.... Read more

    Affected Products :
    • Published: Nov. 14, 2024
    • Modified: Nov. 15, 2024

  • 9.3

    CRITICAL
    CVE-2025-27593

    The product can be used to distribute malicious code using SDD Device Drivers due to missing download verification checks, leading to code execution on target systems.... Read more

    Affected Products :
    • Published: Mar. 14, 2025
    • Modified: Mar. 14, 2025
    • Vuln Type: Supply Chain

  • 9.3

    CRITICAL
    CVE-2025-4009

    The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup netw... Read more

    Affected Products :
    • Published: May. 28, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Authentication

  • 9.3

    HIGH
    CVE-2011-5006

    Stack-based buffer overflow in QQPlayer 3.2.845 allows remote attackers to execute arbitrary code via a crafted PnSize value in a MOV file.... Read more

    Affected Products : qqplayer
    • EPSS Score: %30.31
    • Published: Dec. 25, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2021-29302

    TP-Link TL-WR802N(US), Archer_C50v5_US v4_200 <= 2020.06 contains a buffer overflow vulnerability in the httpd process in the body message. The attack vector is: The attacker can get shell of the router by sending a message through the network, which may ... Read more

    Affected Products : tl-wr802n_firmware tl-wr802n
    • EPSS Score: %10.97
    • Published: Apr. 12, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2025-40714

    SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo id_factura in /<Client>FacturaE/listado_facturas_ficha.jsp.... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-40715

    SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo mensaje in /QISClient/api/v1/sucesospaginas.... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-49151

    The affected products could allow an unauthenticated attacker to generate forged JSON Web Tokens (JWT) to bypass authentication.... Read more

    Affected Products :
    • Published: Jun. 25, 2025
    • Modified: Jul. 17, 2025
    • Vuln Type: Authentication

  • 9.3

    HIGH
    CVE-2012-4607

    Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data.... Read more

    Affected Products : networker
    • EPSS Score: %10.14
    • Published: Jan. 17, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4614

    The default configuration of EMC Smarts Network Configuration Manager (NCM) before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact via a network session.... Read more

    • EPSS Score: %0.58
    • Published: Nov. 27, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-1646

    Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long rtsp URL in a .ram file.... Read more

    Affected Products : mini-stream_rm_downloader
    • EPSS Score: %7.19
    • Published: May. 15, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    CRITICAL
    CVE-2024-40505

    Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component.... Read more

    Affected Products : dap-1650_firmware dap-1650
    • Published: Jul. 16, 2024
    • Modified: May. 29, 2025

  • 9.3

    CRITICAL
    CVE-2025-24664

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eniture Technology LTL Freight Quotes – Worldwide Express Edition allows SQL Injection. This issue affects LTL Freight Quotes – Worldwide Express Edition... Read more

    Affected Products : ltl_freight_quotes
    • Published: Jan. 27, 2025
    • Modified: Jan. 27, 2025

  • 9.3

    HIGH
    CVE-2009-2403

    Heap-based buffer overflow in SCMPX 1.5.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long string in a .m3u playlist file.... Read more

    Affected Products : scmpx
    • EPSS Score: %9.30
    • Published: Jul. 09, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 291712 Results