Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2013-4781

    core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to execute arbitrary commands via unspecified vectors.... Read more

    • EPSS Score: %4.50
    • Published: Jul. 18, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-9957

    An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36387564.... Read more

    Affected Products : android
    • EPSS Score: %0.58
    • Published: Apr. 04, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2003-1048

    Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.... Read more

    • EPSS Score: %59.77
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-2077

    Unspecified vulnerability in Plain Black WebGUI 7.4.34 has unknown impact and attack vectors related to "data form list view."... Read more

    Affected Products : webgui
    • EPSS Score: %0.42
    • Published: May. 05, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-20432

    D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration.... Read more

    • EPSS Score: %16.53
    • Published: Sep. 14, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-2075

    TIBCO Enterprise Administrator 1.0.0 and Enterprise Administrator SDK 1.0.0 do not properly enforce administrative authentication requirements, which allows remote attackers to execute arbitrary commands via unspecified vectors.... Read more

    • EPSS Score: %2.52
    • Published: Feb. 27, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-1999-0535

    A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.... Read more

    Affected Products : windows_2000 windows_nt
    • EPSS Score: %11.70
    • Published: Jan. 01, 1997
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0246

    Multiple PHP remote file inclusion vulnerabilities in (1) fonctions.lib.php, (2) derniers_commentaires.php, and (3) admin.php in Les Commentaires 2.0 allow remote attackers to execute arbitrary PHP code via the rep parameter.... Read more

    Affected Products : les_commentaires
    • EPSS Score: %1.44
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2012-2428

    Integer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via a crafted packet that triggers an out-of-bounds read operation.... Read more

    Affected Products : xarrow
    • EPSS Score: %1.89
    • Published: May. 25, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-1971

    A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to perform a command injection attack and execute arbitrary commands with root privileges. The vulnerability is due t... Read more

    • EPSS Score: %1.40
    • Published: Aug. 08, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-3623

    Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute ar... Read more

    • EPSS Score: %83.23
    • Published: Dec. 10, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-1999-0233

    IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.... Read more

    Affected Products : internet_information_services
    • EPSS Score: %29.53
    • Published: Feb. 25, 1996
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2017-13160

    A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-37160362.... Read more

    Affected Products : android
    • EPSS Score: %1.26
    • Published: Dec. 06, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2019-10787

    im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument. The cmd argument used within index.js, can be controlled by user without any sanitization.... Read more

    Affected Products : im-resize
    • EPSS Score: %3.34
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-4501

    Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs.... Read more

    Affected Products : cloudstack cloudstack
    • EPSS Score: %2.73
    • Published: Oct. 26, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-3483

    Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware.... Read more

    • EPSS Score: %0.33
    • Published: Jun. 28, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-5127

    Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP reques... Read more

    Affected Products : windows reporter
    • EPSS Score: %28.81
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-10511

    HGiga C&Cmail CCMAILQ before olln-base-6.0-418.i386.rpm and CCMAILN before olln-base-5.0-418.i386.rpm contains insecure configurations. Attackers can exploit these flaws to access unauthorized functionality via a crafted URL.... Read more

    Affected Products : oaklouds_ccm\@il
    • EPSS Score: %0.52
    • Published: Apr. 15, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-2951

    Datum Systems SnIP on PSM-500 and PSM-4500 devices has a hardcoded password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors.... Read more

    Affected Products : snip
    • EPSS Score: %1.30
    • Published: Jul. 14, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2011-5121

    The Antivirus component in Comodo Internet Security before 5.3.175888.1227 does not properly check whether unspecified X.509 certificates are revoked, which has unknown impact and remote attack vectors.... Read more

    Affected Products : comodo_internet_security
    • EPSS Score: %0.18
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 291002 Results