Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2007-1423

    Multiple PHP remote file inclusion vulnerabilities in WORK system e-commerce 3.0.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the g_include parameter to include/include_top.php and certain other PHP scripts.... Read more

    Affected Products : work_system_e-commerce
    • EPSS Score: %2.22
    • Published: Mar. 13, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-1119

    Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DHT ... Read more

    Affected Products : webex_recording_format_player
    • EPSS Score: %2.20
    • Published: Sep. 06, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-2503

    The Qualcomm GPU driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28084795 and Qualcomm internal bug CR1006067.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jul. 11, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2011-3319

    Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.... Read more

    Affected Products : webex_recording_format_player
    • EPSS Score: %3.80
    • Published: Oct. 27, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2020-7819

    A SQL-Injection vulnerability in the nTracker USB Enterprise(secure USB management solution) allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information.... Read more

    Affected Products : windows ntracker_usb_enterprise
    • EPSS Score: %1.25
    • Published: Sep. 07, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-3209

    Heap-based buffer overflow in the OpenGifFile function in BiGif.dll in Black Ice Document Imaging SDK 10.95 allows remote attackers to execute arbitrary code via a long string argument to the GetNumberOfImagesInGifFile method in the BIImgFrm Control Activ... Read more

    Affected Products : black_ice_document_imaging_sdk
    • EPSS Score: %7.63
    • Published: Jul. 18, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-2252

    Untrusted search path vulnerability in self-extracting archive files created by File Compact Ver.5 version 5.10 and earlier, Ver.6 version 6.02 and earlier, Ver.7 version 7.02 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an ... Read more

    Affected Products : file_compact
    • EPSS Score: %0.14
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2014-9961

    In all Android releases from CAF using the Linux kernel, a vulnerability in eMMC write protection exists that can be used to bypass power-on write protection.... Read more

    Affected Products : android
    • EPSS Score: %0.05
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2014-9967

    In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2014-9924

    In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2015-8319

    Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, a... Read more

    Affected Products : mate_s_firmware p8_firmware p8 mate_s
    • EPSS Score: %0.06
    • Published: Apr. 07, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2009-2011

    Worldweaver DX Studio Player 3.0.29.0, 3.0.22.0, 3.0.12.0, and probably other versions before 3.0.29.1, when used as a plug-in for Firefox, does not restrict access to the shell.execute JavaScript API method, which allows remote attackers to execute arbit... Read more

    Affected Products : firefox dx_studio_player
    • EPSS Score: %74.19
    • Published: Jun. 16, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5764

    PHP remote file inclusion vulnerability in calendar.php in WorkSimple 1.2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter.... Read more

    Affected Products : worksimple
    • EPSS Score: %28.38
    • Published: Dec. 30, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-3773

    Cross-site request forgery (CSRF) vulnerability in the Email-Template module in Generic YouTube Clone Script allows remote attackers to upload files with arbitrary file types to templates/emails/ as administrators.... Read more

    Affected Products : generic_youtube_clone_script
    • EPSS Score: %0.73
    • Published: Jul. 15, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-2602

    Multiple array index errors in the MyHeritage SEQueryObject ActiveX control (SearchEngineQuery.dll) 1.0.2.0 allow remote attackers to execute arbitrary code via the (1) seTokensArray, or (2) seTokensValuesArray parameter to the AddTokens method; (3) seLas... Read more

    Affected Products : sequeryobject_activex_control
    • EPSS Score: %4.40
    • Published: Jun. 06, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2017-0770

    A elevation of privilege vulnerability in the Android media framework (libmediaplayerservice). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38234812.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2013-2691

    Stack-based buffer overflow in the JetMPG.ax module in jetAudio 8.0.17 allows remote attackers to execute arbitrary code via a crafted MPEG2-TS video file, related to the MPEG2 transport stream.... Read more

    Affected Products : jetaudio
    • EPSS Score: %11.00
    • Published: Feb. 05, 2014
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-8939

    drivers/video/msm/mdp4_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate r stages, g stages, or b stages data, which allows attackers to gain privileges via a crafted application, aka Android intern... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Aug. 06, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-9028

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a cryptographic routine.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2015-9029

    In all Android releases from CAF using the Linux kernel, a vulnerability exists in the access control settings of modem memory.... Read more

    Affected Products : android
    • EPSS Score: %0.05
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291812 Results