Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2011-2959

    Stack-based buffer overflow in the Open Database Connectivity (ODBC) service (Odbcixv9se.exe) in 7-Technologies Interactive Graphical SCADA System (IGSS) 9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbit... Read more

    Affected Products : igss
    • EPSS Score: %3.54
    • Published: Jul. 29, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2018-3586

    An integer overflow to buffer overflow vulnerability exists in the ADSPRPC heap manager in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.... Read more

    Affected Products : android
    • EPSS Score: %0.18
    • Published: Jul. 06, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-3592

    In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, ... Read more

    • EPSS Score: %0.19
    • Published: Apr. 11, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2021-2256

    Vulnerability in the Oracle Storage Cloud Software Appliance product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 16.3.1.4.2. Easily exploitable vulnerability allows unauthenticated attacker... Read more

    • EPSS Score: %2.23
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2019-1867

    A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypass authentication on the REST API. The vulnerability is due to improper validation of API requests. An attacker could exploit... Read more

    Affected Products : elastic_services_controller
    • EPSS Score: %21.79
    • Published: May. 10, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2016-10305

    Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga <= 2.6.1, GigaLynx < 2.0, GigaOrion < 2.0, GigaPlus <= 3.2.3, GigaPro <= 1.4.1, StrataLink < 3.0, and StrataPro devices have a built-in, hidden root account, with a default pas... Read more

    • EPSS Score: %0.43
    • Published: Mar. 30, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    HIGH
    CVE-2019-2036

    In okToConnect of HidHostService.java, there is a possible permission bypass due to an incorrect state check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation... Read more

    Affected Products : android
    • EPSS Score: %0.60
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-1366

    Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerChart.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system command... Read more

    Affected Products : diaenergie
    • EPSS Score: %0.42
    • Published: May. 02, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2016-10381

    In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.... Read more

    Affected Products : android
    • EPSS Score: %0.25
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    HIGH
    CVE-2016-6890

    Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate.... Read more

    Affected Products : matrixssl
    • EPSS Score: %11.16
    • Published: Jan. 05, 2017
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2008-1661

    Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks Storage Mirroring (SWSM) before 4.5 SP2 allows remote attackers to execute arbitrary code via a crafted encoded authentication request.... Read more

    Affected Products : storageworks_storage_mirroring
    • EPSS Score: %80.52
    • Published: Jun. 04, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2005-1069

    Unknown vulnerability in sCssBoard 1.11 and earlier has unknown impact, related to "an exploit on the Profile page."... Read more

    Affected Products : scssboard
    • EPSS Score: %0.37
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2016-10419

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, MDM9645, MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, and SDX20, when initializing scheduler object service request, an out... Read more

    • EPSS Score: %0.22
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2016-10424

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, ... Read more

    • EPSS Score: %0.22
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2016-10425

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, S... Read more

    • EPSS Score: %0.23
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2009-2030

    Unspecified vulnerability in the XML Digital Signature verification functionality in JVA-RUN in JDK 6.0 in IBM OS/400 i5/OS V5R4M0 and V6R1M0 has unknown impact and attack vectors related to "XML SECURITY PATCH."... Read more

    Affected Products : jdk os\/400
    • EPSS Score: %0.78
    • Published: Jun. 11, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2016-10441

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52,... Read more

    • EPSS Score: %0.23
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2016-10489

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, lack of address argument validation in qsee_get_tz_app_name() may lead to an untrusted pointer dereference.... Read more

    Affected Products : android sd_400_firmware sd_400
    • EPSS Score: %0.19
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2016-10496

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, SD 210/SD 212/SD 205, SD 410/12, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, and SD 810, A NULL pointer dereference can occur during an SSL hands... Read more

    • EPSS Score: %0.18
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-20216

    android exported is used to set third-party app access permissions, and the default value of intent-filter is true. com.sprd.firewall has set exported as true.Product: AndroidVersions: Android SoCAndroid ID: A-231911916... Read more

    Affected Products : android
    • EPSS Score: %0.13
    • Published: Jul. 13, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 291520 Results