Latest CVE Feed

The following is the list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.3

    HIGH
    CVE-2021-37563

    MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software...

    • EPSS Score: 0.55%
    • Published: Dec. 26, 2021
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2021-42635

    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution....

    Affected Products : linux_kernel macos web_stack
    • EPSS Score: 23.53%
    • Published: Jan. 31, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2021-37803

    An SQL Injection vulnerability exists in Sourcecodester Online Covid Vaccination Scheduler System 1.0 via the username in lognin.php ....

    • EPSS Score: 0.32%
    • Published: Oct. 27, 2021
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2021-39692

    In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile bypassing user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is...

    Affected Products : android
    • EPSS Score: 0.05%
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2018-6267

    NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program, which may lead to denial of service or escalation of privile...

    Affected Products : android
    • EPSS Score: 0.06%
    • Published: Feb. 13, 2019
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2022-31526

    The ThundeRatz/ThunderDocs repository through 2020-05-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely....

    Affected Products : thunderdocs
    • EPSS Score: 0.41%
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2022-31530

    The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely....

    Affected Products : csm_server
    • EPSS Score: 0.41%
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2008-5662

    Multiple buffer overflows in Sun Java Wireless Toolkit (WTK) for CLDC 2.5.2 and earlier allow downloaded programs to execute arbitrary code via unknown vectors....

    Affected Products : java_wireless_toolkit_for_cldc
    • EPSS Score: 2.45%
    • Published: Dec. 17, 2008
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2010-4148

    Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename....

    Affected Products : anyconnect
    • EPSS Score: 0.38%
    • Published: Nov. 02, 2010
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2016-8389

    An exploitable integer-overflow vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will attempt to convert each character from a font into a polygon and then attempt to rasterize these shapes. As the applicatio...

    Affected Products : argus
    • EPSS Score: 0.65%
    • Published: Feb. 28, 2017
    • Modified: Apr. 20, 2025
  • 9.3

    HIGH
    CVE-2012-0395

    Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors....

    Affected Products : networker
    • EPSS Score: 5.55%
    • Published: Jan. 27, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-0402

    EMC RSA enVision 4.x before 4.1 Patch 4 uses unspecified hardcoded credentials, which makes it easier for remote attackers to obtain access via unknown vectors....

    Affected Products : envision
    • EPSS Score: 0.86%
    • Published: Mar. 20, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2013-4988

    Stack-based buffer overflow in IcoFX 2.5 and earlier allows remote attackers to execute arbitrary code via a long idCount value in an ICONDIR structure in an ICO file. NOTE: some of these details are obtained from third party information....

    Affected Products : icofx
    • EPSS Score: 81.14%
    • Published: Dec. 13, 2013
    • Modified: Apr. 11, 2025
  • 9.3

    CRITICAL
    CVE-2023-32113

    SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and mo...

    Affected Products : gui_for_windows
    • EPSS Score: 0.18%
    • Published: May. 09, 2023
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2016-2488

    The Qualcomm camera driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27600832....

    Affected Products : android
    • EPSS Score: 0.04%
    • Published: Jun. 13, 2016
    • Modified: Apr. 12, 2025
  • 9.3

    HIGH
    CVE-2010-4230

    Stack-based buffer overflow in a certain ActiveX control for the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Camera with firmware 1.102A-008 allows remote attackers to execute arbitrary code via a long string in the first argument ...

    • EPSS Score: 7.78%
    • Published: Nov. 17, 2010
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2019-5241

    There is a privilege escalation vulnerability in Huawei PCManager versions earlier than PCManager 9.0.1.50. The attacker can trick a user into installing and running a malicious application to exploit this vulnerability. Successful exploitation may cause the at...

    Affected Products : pcmanager
    • EPSS Score: 0.07%
    • Published: Jun. 06, 2019
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2020-4722

    IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute a...

    Affected Products : i2_analysts_notebook
    • EPSS Score: 0.22%
    • Published: Oct. 29, 2020
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2019-5288

    P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root pe...

    Affected Products : p30_firmware p30
    • EPSS Score: 0.14%
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2019-5414

    If an attacker can control the port, which in itself is a very sensitive value, they can inject arbitrary OS commands due to the usage of the exec function in a third-party module kill-port < 1.3.2....

    Affected Products : kill-port
    • EPSS Score: 0.51%
    • Published: Mar. 21, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291750 Results