Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2015-8088

    Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00... Read more

    Affected Products : mate_7_firmware p8_firmware p8 mate_7
    • EPSS Score: %0.80
    • Published: Jan. 12, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2018-0692

    Untrusted search path vulnerability in Baidu Browser Version 43.23.1000.500 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : spark_browser
    • EPSS Score: %0.17
    • Published: Nov. 15, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-1490

    Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Ac... Read more

    • EPSS Score: %4.16
    • Published: Mar. 25, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-18614

    The kama-clic-counter plugin 3.4.9 for WordPress has SQL injection via the admin.php order parameter.... Read more

    Affected Products : kama_click_counter
    • EPSS Score: %0.75
    • Published: Sep. 13, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-2601

    Buffer overflow in a certain ActiveX control in the GDivX Zenith Player AviFixer class in fix.dll 1.0.0.1 allows remote attackers to execute arbitrary code via a long SetInputFile property value.... Read more

    Affected Products : gdivx_zenith_player
    • EPSS Score: %4.69
    • Published: May. 11, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-5709

    Stack-based buffer overflow in Sony SonicStage CONNECT Player (CP) 4.3 allows remote attackers to execute arbitrary code via a long file name in an M3U file.... Read more

    Affected Products : sonicstage_connect_player
    • EPSS Score: %10.73
    • Published: Oct. 30, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-0763

    A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62534693.... Read more

    Affected Products : android
    • EPSS Score: %0.21
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0801

    A elevation of privilege vulnerability in the MediaTek libmtkomxvdec. Product: Android. Versions: Android kernel. Android ID: A-38447970. References: M-ALPS03337980.... Read more

    Affected Products : android
    • EPSS Score: %0.09
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    CRITICAL
    CVE-2023-30438

    An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead ... Read more

    • EPSS Score: %0.03
    • Published: May. 17, 2023
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2013-4772

    D-Link DIR-505L SharePort Mobile Companion 1.01 and DIR-826L Wireless N600 Cloud Router 1.02 allows remote attackers to bypass authentication via a direct request when an authorized session is active.... Read more

    • EPSS Score: %0.26
    • Published: May. 12, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-2785

    Multiple buffer overflows in CimWebServer.exe in the WebView component in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.0 SIM 27, 8.1 before SIM 25, and 8.2 before SIM 19, and Proficy Process Systems with CIMPLICITY, allow remote attack... Read more

    • EPSS Score: %6.37
    • Published: Jul. 31, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2014-2196

    Cisco Wide Area Application Services (WAAS) 5.1.1 before 5.1.1e, when SharePoint prefetch optimization is enabled, allows remote SharePoint servers to execute arbitrary code via a malformed response, aka Bug ID CSCue18479.... Read more

    Affected Products : wide_area_application_services
    • EPSS Score: %2.98
    • Published: May. 26, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-10232

    An elevation of privilege vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-34386696. References: QC-CR#1024872.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Apr. 04, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-3290

    categoria.php in LiveCMS 3.4 and earlier allows remote attackers to obtain sensitive information via a ' (quote) character in the cid parameter, which reveals the path in a forced SQL error message.... Read more

    Affected Products : livecms
    • EPSS Score: %3.50
    • Published: Jun. 20, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-2817

    An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click.... Read more

    Affected Products : mc-worx_suite
    • EPSS Score: %41.13
    • Published: Feb. 24, 2014
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2017-2271

    Untrusted search path vulnerability in Self-extracting encrypted files created by AttacheCase ver.2.8.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : attachecase
    • EPSS Score: %0.14
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2010-3135

    Untrusted search path vulnerability in Cisco Packet Tracer 5.2 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .pkt or .... Read more

    Affected Products : packet_tracer
    • EPSS Score: %3.70
    • Published: Aug. 26, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3142

    Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse rpawinet.dll that is located in the same folder as a ... Read more

    Affected Products : powerpoint
    • EPSS Score: %10.33
    • Published: Aug. 27, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1424

    Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file.... Read more

    Affected Products : ichitaro
    • EPSS Score: %4.87
    • Published: Apr. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-2399

    Directory traversal vulnerability in the FireFTP add-on before 0.98.20080518 for Firefox allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to (1) MLSD and (2) LIST commands, a related issue... Read more

    Affected Products : firefox fireftp
    • EPSS Score: %0.35
    • Published: May. 22, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 291783 Results