Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, it appears on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last-updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2007-1685

    Buffer overflow in k9filter.exe in BlueCoat K9 Web Protection 3.2.36, and probably other versions before 3.2.44, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 2372.

    Affected Products : k9_web_protection
    • EPSS Score: 54.58%
    • Published: Jun. 08, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-3154

    Unspecified vulnerability in Walter Zorn wz_tooltip.js (aka wz_tooltips) before 4.01, as used by eGroupWare before 1.2.107-2 and other packages, has unknown impact and remote attack vectors.

    Affected Products : egroupware
    • EPSS Score: 1.18%
    • Published: Jun. 11, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-2924

    Multiple buffer overflows in RealNetworks GameHouse dldisplay ActiveX control (ghdlctl.dll) allow remote attackers to execute arbitrary code via unknown vectors.

    Affected Products : gamehouse
    • EPSS Score: 14.76%
    • Published: Jun. 19, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-3334

    Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 o...

    • EPSS Score: 39.64%
    • Published: Jun. 21, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-3341

    Unspecified vulnerability in the FTP implementation in Microsoft Internet Explorer allows remote attackers to "see a valid memory address" via unspecified vectors, a different issue than CVE-2007-0217.

    Affected Products : internet_explorer all_windows
    • EPSS Score: 35.64%
    • Published: Jun. 21, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-3357

    NetClassifieds Premium Edition does not use encryption for (1) stored passwords or (2) sensitive data, which might allow attackers to obtain information via certain vectors.

    Affected Products : netclassifieds
    • EPSS Score: 0.18%
    • Published: Jun. 22, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-7207

    Buffer overflow in ageet AGEphone before 1.4.0 might allow remote attackers to have an unknown impact via unspecified vectors.

    Affected Products : agephone
    • EPSS Score: 1.14%
    • Published: Jun. 22, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-3643

    admin/index.php in AV Arcade 2.1b grants administrative privileges when the ava_userid cookie value is 1, which allows remote attackers to perform certain administrative actions.

    Affected Products : av_arcade
    • EPSS Score: 0.92%
    • Published: Jul. 10, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-3647

    The isloggedin function in Php/login.inc.php in phpTrafficA 1.4.3 and earlier allows remote attackers to bypass authentication and obtain administrative access by setting the username cookie to "traffic." NOTE: some of these details are obtained from thir...

    Affected Products : phptraffica
    • EPSS Score: 1.17%
    • Published: Jul. 10, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-3695

    Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.1 allows attackers to execute arbitrary code via a long filename. NOTE: the researcher does not suggest any circumstances in which the filename would come f...

    • EPSS Score: 1.28%
    • Published: Jul. 11, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-3794

    Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, rela...

    • EPSS Score: 0.51%
    • Published: Jul. 15, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-3803

    The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does not properly parse SMTP commands in certain circumstances, which allows remote attackers to bypass address blacklists.

    Affected Products : clavister_coreplus
    • EPSS Score: 0.38%
    • Published: Jul. 16, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-3907

    Unspecified vulnerability in login.pl in LedgerSMB 1.2.0 through 1.2.6 allows remote attackers to bypass authentication and perform certain actions as an arbitrary user via unspecified vectors involving a URL with a redirect parameter value, along with a ...

    Affected Products : ledgersmb
    • EPSS Score: 1.48%
    • Published: Jul. 19, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-4149

    The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 does not require authentication for (1) the "LOG." command, which allows remote attackers to create or overwrite arbitrary files; (2) the SETTINGSFILE command, which allows remote...

    Affected Products : audit
    • EPSS Score: 4.85%
    • Published: Aug. 03, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-4148

    Heap-based buffer overflow in the Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote attackers to cause a denial of service (persistent daemon crashes) or execute arbitrary code via a long filename in a "LOG." command.

    Affected Products : audit
    • EPSS Score: 3.26%
    • Published: Aug. 03, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2018-18753

    Typecho V1.1 allows remote attackers to send shell commands via base64-encoded serialized data, as demonstrated by SSRF.

    Affected Products : typecho
    • EPSS Score: 2.59%
    • Published: Oct. 29, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2017-8931

    Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with root privileges via unspecified vectors.

    Affected Products : gravityzone
    • EPSS Score: 0.44%
    • Published: Oct. 30, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-16461

    A command injection vulnerability in libnmapp package for versions <0.4.16 allows arbitrary commands to be executed via arguments to the range options.

    Affected Products : libnmap libnmap
    • EPSS Score: 1.49%
    • Published: Oct. 30, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2018-16462

    A command injection vulnerability in the apex-publish-static-files npm module version <2.0.1 which allows arbitrary shell command execution through a maliciously crafted argument.

    Affected Products : apex-publish-static-files
    • EPSS Score: 2.30%
    • Published: Oct. 30, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2007-4361

    NETGEAR (formerly Infrant) ReadyNAS RAIDiator before 4.00b2-p2-T1 beta creates a default SSH root password derived from the hardware serial number, which makes it easier for remote attackers to guess the password and obtain login access.

    Affected Products : readynas_raidiator
    • EPSS Score: 3.43%
    • Published: Aug. 15, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 290972 Results