Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    CRITICAL
    CVE-2015-7541

    The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the (1) image_path, (2) colors, or (3) depth v... Read more

    Affected Products : colorscore
    • EPSS Score: %1.30
    • Published: Jan. 08, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2005-2259

    The dispallclosed2 function in dispallclosed.pl for multiple USANet Creations products, including (1) USANet Shopping Mall Software, (2) Domain Name Auction Software, (3) Standard Classified Ads Software, and (4) MakeBid Reverse Auction allows remote atta... Read more

    • EPSS Score: %3.55
    • Published: Jul. 13, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-6186

    Unspecified vulnerability in PHPDevShell before 0.7.0 has unknown impact and attack vectors, involving a "minor security bug in repair & optimize database."... Read more

    Affected Products : phpdevshell
    • EPSS Score: %0.34
    • Published: Nov. 30, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2015-1171

    Stack-based buffer overflow in GSM SIM Utility (aka SIM Card Editor) 6.6 allows remote attackers to execute arbitrary code via a long entry in a .sms file.... Read more

    Affected Products : sim_card_editor
    • EPSS Score: %76.87
    • Published: Aug. 28, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-7915

    Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network.... Read more

    Affected Products : moduweb_vision
    • EPSS Score: %0.76
    • Published: Feb. 06, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-8352

    Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php.... Read more

    Affected Products : zen_cart
    • EPSS Score: %38.49
    • Published: Aug. 24, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-12786

    Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when AC... Read more

    Affected Products : noviware
    • EPSS Score: %35.14
    • Published: Aug. 22, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2012-1831

    Heap-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555.... Read more

    Affected Products : kinghistorian kingview
    • EPSS Score: %15.70
    • Published: Jul. 05, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2017-13284

    In config_set_string of config.cc, it is possible to pair a second BT keyboard without user approval due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is no... Read more

    Affected Products : android
    • EPSS Score: %1.23
    • Published: Apr. 04, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-14135

    enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the webadmin plugin for opendreambox 2.0.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI.... Read more

    Affected Products : opendreambox
    • EPSS Score: %84.70
    • Published: Sep. 04, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2004-1236

    Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code.... Read more

    Affected Products : directory_server
    • EPSS Score: %34.63
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2015-3188

    The UI daemon in Apache Storm 0.10.0 before 0.10.0-beta1 allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : storm
    • EPSS Score: %12.42
    • Published: Jan. 13, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2004-1255

    Buffer overflow in the expandtabs function in 2fax 3.04 allows remote attackers to execute arbitrary code via a text file that is converted to TIFF.... Read more

    Affected Products : 2fax
    • EPSS Score: %3.41
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2017-14803

    In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server when accessing a basic SSO connector and downloading the BasicSSO connector plugins on IE11 where an attacker can execute arbitrary code on the system.... Read more

    Affected Products : access_manager netiq_access_manager
    • EPSS Score: %1.46
    • Published: Jan. 20, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-1266

    Buffer overflow in the get_field_headers function in csv2xml.cpp for csv2xml 0.5.1 allows remote attackers to execute arbitrary code via a crafted CSV file.... Read more

    Affected Products : csv2xml
    • EPSS Score: %3.41
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1265

    Buffer overflow in the readObjectChunk function in 3dsimp.cpp for the convex-tool program in Convex 3D 0.8pre1 allows remote attackers to execute arbitrary code via a crafted 3DS file.... Read more

    Affected Products : convex_3d
    • EPSS Score: %3.41
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1271

    Buffer overflow in the dxfin function in d.c for dxfscope 0.2 allows remote attackers to execute arbitrary code via a crafted DXF file.... Read more

    Affected Products : dxf_file_format_viewer
    • EPSS Score: %3.41
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2009-1520

    Buffer overflow in the Web GUI in the IBM Tivoli Storage Manager (TSM) client 5.1.0.0 through 5.1.8.2, 5.2.0.0 through 5.2.5.3, 5.3.0.0 through 5.3.6.4, 5.4.0.0 through 5.4.2.6, and 5.5.0.0 through 5.5.1.17 allows attackers to cause a denial of service (a... Read more

    • EPSS Score: %1.15
    • Published: May. 05, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2004-1278

    Buffer overflow in the switch_voice function in parse.c for jcabc2ps 20040902 allows remote attackers to execute arbitrary code via a crafted ABC file.... Read more

    Affected Products : abc2ps jcabc2ps
    • EPSS Score: %3.41
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1279

    Buffer overflow in the get_file_list_stdin function in jpegtoavi 1.5 allows remote attackers to execute arbitrary code via a crafted set of JPEG files and filenames.... Read more

    Affected Products : jpegtoavi
    • EPSS Score: %9.27
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291058 Results