Latest CVE Feed

The following is the list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2017-5538

    The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bound...

    Affected Products : samsung_mobile
    • EPSS Score: %2.76
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    HIGH
    CVE-2012-3259

    Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461....

    Affected Products : sitescope
    • EPSS Score: %34.60
    • Published: Sep. 25, 2012
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2017-17539

    The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to gain unauthorized read/write access via a remote shell....

    Affected Products : fortiwlc
    • EPSS Score: %0.42
    • Published: May. 08, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-3608

    A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious ...

    • EPSS Score: %3.86
    • Published: Jul. 06, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2008-5444

    Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5448 and CVE-2008-...

    Affected Products : secure_backup
    • EPSS Score: %79.04
    • Published: Jan. 14, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2017-18001

    Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI....

    Affected Products : secure_web_gateway
    • EPSS Score: %20.85
    • Published: Dec. 31, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    HIGH
    CVE-2008-5675

    Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack vectors related to "Access problems with BasicAuthTAI."...

    Affected Products : websphere_portal
    • EPSS Score: %0.51
    • Published: Dec. 19, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2017-7450

    AIRTAME HDMI dongle with firmware before 2.2.0 allows unauthenticated access to a big part of the management interface. It is possible to extract all information including the Wi-Fi password, reboot, or force a software update at an arbitrary time....

    Affected Products : hdmi_dongle_firmware hdmi_dongle
    • EPSS Score: %0.33
    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    HIGH
    CVE-2008-1822

    Unspecified vulnerability in the Oracle Application Express component in Oracle Application Express 3.0.1 has unknown impact and remote attack vectors, aka APEX02....

    Affected Products : application_express
    • EPSS Score: %0.93
    • Published: Apr. 16, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2017-7640

    QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to run arbitrary OS commands against the system with root privileges....

    Affected Products : qts media_streaming_add-on
    • EPSS Score: %2.42
    • Published: Mar. 08, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2008-5963

    Eval injection vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and earlier allows remote attackers to execute arbitrary PHP code via the objectname parameter....

    Affected Products : gravity-gtd
    • EPSS Score: %2.86
    • Published: Jan. 23, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2012-4874

    Unspecified vulnerability in the Another WordPress Classifieds Plugin before 2.0 for WordPress has unknown impact and attack vectors related to "image uploads."...

    • EPSS Score: %1.40
    • Published: Sep. 06, 2012
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2018-6000

    An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch a...

    Affected Products : asuswrt
    • EPSS Score: %90.65
    • Published: Jan. 22, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2004-1636

    Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet....

    Affected Products : wvtftp
    • EPSS Score: %6.82
    • Published: Oct. 26, 2004
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2008-6577

    Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges....

    Affected Products : cs1000
    • EPSS Score: %2.28
    • Published: Apr. 01, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6578

    Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors....

    Affected Products : cs1000
    • EPSS Score: %2.18
    • Published: Apr. 01, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2018-19067

    An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. There is a hardcoded Ak47@99 password for the factory~...

    • EPSS Score: %1.22
    • Published: Nov. 07, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-7493

    CactusVPN through 6.0 for macOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root....

    Affected Products : macos cactusvpn
    • EPSS Score: %0.36
    • Published: Mar. 05, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-7573

    An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is simil...

    Affected Products : ftpshell_client
    • EPSS Score: %78.38
    • Published: Mar. 01, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2012-5864

    These Sinapsi devices do not check if users that visit pages within the device have properly authenticated. By directly visiting the pages within the device, attackers can gain unauthorized access with administrative privileges....

    • EPSS Score: %15.42
    • Published: Nov. 23, 2012
    • Modified: Jul. 08, 2025
Showing 20 of 291058 Results