Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2009-1674

    Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows user-assisted remote attackers to execute arbitrary code via a long .cof pathname in a [TOOL_SETTINGS] section in a .mcp file, possibly a related issue to CVE-2009-1608.... Read more

    Affected Products : mplab_ide
    • EPSS Score: %5.21
    • Published: May. 18, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-9685

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a WLAN driver can lead to a Use After Free condition.... Read more

    Affected Products : android
    • EPSS Score: %0.12
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2016-2430

    libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to gain privileges via an application containing a crafted symbol name, aka internal bug 27299236.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: May. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2435

    The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988.... Read more

    Affected Products : android nexus_9
    • EPSS Score: %0.06
    • Published: May. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2436

    The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111.... Read more

    Affected Products : android nexus_9
    • EPSS Score: %0.04
    • Published: May. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2440

    libs/binder/IPCThreadState.cpp in Binder in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 mishandles object references, which allows attackers to gain privileges via a crafted application, aka internal bug 272... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: May. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2467

    The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 devices allows attackers to gain privileges via a crafted application, aka internal bug 28029010.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2471

    The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27773913.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2474

    The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 27424603.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2478

    mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles pointers, which allows attackers to gain privileges via a crafted application, as dem... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2480

    The mm-video-v4l2 vidc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate certain OMX parameter data structures, which allows attackers to gain privileges via a crafted... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2469

    The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27531992.... Read more

    Affected Products : android
    • EPSS Score: %0.07
    • Published: Jun. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2010-2620

    Open&Compact FTP Server (Open-FTPD) 1.2 and earlier allows remote attackers to bypass authentication by sending (1) LIST, (2) RETR, (3) STOR, or other commands without performing the required login steps first.... Read more

    Affected Products : open-ftpd
    • EPSS Score: %55.67
    • Published: Jul. 02, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-6640

    The prctl_set_vma_anon_name function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows attackers to gain privileges or cause a denial of service ... Read more

    Affected Products : android
    • EPSS Score: %0.10
    • Published: Jan. 06, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2009-2384

    Buffer overflow in amp.exe in Brothersoft PEamp 1.02b allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3u playlist file. NOTE: some of these details are obtained from third party information.... Read more

    Affected Products : peamp
    • EPSS Score: %6.47
    • Published: Jul. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2010-3098

    Directory traversal vulnerability in IoRush Software FTP Rush 1.1.3 and possibly earlier allows remote FTP servers to overwrite arbitrary files via a "..\" (dot dot backslash) in a filename.... Read more

    Affected Products : ftprush
    • EPSS Score: %0.18
    • Published: Aug. 20, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3104

    Directory traversal vulnerability in DeskShare AutoFTP Manager 4.31, and probably earlier versions, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.... Read more

    Affected Products : auto_ftp_manager
    • EPSS Score: %0.15
    • Published: Aug. 21, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3151

    Untrusted search path vulnerability in Adobe On Location CS4 Build 315 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ibfs32.dll that is located in the same folder as an OL... Read more

    Affected Products : onlocation_cs4 premiere_pro_cs4
    • EPSS Score: %3.48
    • Published: Aug. 27, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-3573

    Multiple insecure method vulnerabilities in the PDIControl.PDI.1 ActiveX control (PDIControl.dll) 2.2.3160.0 in EMC Captiva PixTools Distributed Imaging 2.2 allow remote attackers to create or overwrite arbitrary files via the (1) SetLogFileName and (2) W... Read more

    • EPSS Score: %3.17
    • Published: Oct. 06, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2010-4153

    Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.... Read more

    Affected Products : crossftp_pro
    • EPSS Score: %0.18
    • Published: Nov. 03, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 291820 Results