Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    CRITICAL
    CVE-2014-125121

    Array Networks vAPV (version 8.3.2.17) and vxAG (version 9.2.0.34) appliances are affected by a privilege escalation vulnerability caused by a combination of hardcoded SSH credentials (or SSH private key) and insecure permissions on a startup script. The ... Read more

    Affected Products :
    • Published: Jul. 31, 2025
    • Modified: Jul. 31, 2025
    • Vuln Type: Authentication

  • 10.0

    CRITICAL
    CVE-2025-34112

    An authenticated multi-stage remote code execution vulnerability exists in Riverbed SteelCentral NetProfiler and NetExpress 10.8.7 virtual appliances. A SQL injection vulnerability in the '/api/common/1.0/login' endpoint can be exploited to create a new u... Read more

    Affected Products :
    • Published: Jul. 15, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Injection

  • 10.0

    HIGH
    CVE-2025-7206

    A vulnerability, which was classified as critical, has been found in D-Link DIR-825 2.10. This issue affects the function sub_410DDC of the file switch_language.cgi of the component httpd. The manipulation of the argument Language leads to stack-based buf... Read more

    Affected Products : dir-825_firmware dir-825
    • Published: Jul. 09, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Memory Corruption

  • 10.0

    HIGH
    CVE-2015-2763

    Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to port 17703.... Read more

    Affected Products : triton_ap_email
    • Published: Mar. 27, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2025-26927

    Unrestricted Upload of File with Dangerous Type vulnerability in EPC AI Hub allows Upload a Web Shell to a Web Server. This issue affects AI Hub: from n/a through 1.3.3.... Read more

    Affected Products :
    • Published: Apr. 15, 2025
    • Modified: Apr. 16, 2025

  • 10.0

    HIGH
    CVE-1999-0046

    Buffer overflow of rlogin program using TERM environmental variable.... Read more

    • Published: Feb. 06, 1997
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0214

    Denial of service by sending forged ICMP unreachable packets.... Read more

    Affected Products : sunos
    • Published: Jul. 21, 1992
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-1125

    Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the ... Read more

    Affected Products : http_server
    • Published: Sep. 19, 1997
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0210

    Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.... Read more

    Affected Products : solaris sunos
    • Published: Nov. 26, 1997
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-1199

    Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.... Read more

    Affected Products : http_server
    • Published: Aug. 07, 1998
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0286

    In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages.... Read more

    Affected Products :
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0495

    A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares.... Read more

    Affected Products :
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0539

    A trust relationship exists between two Unix hosts.... Read more

    Affected Products :
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0594

    A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive.... Read more

    Affected Products :
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0597

    A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire.... Read more

    Affected Products :
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0570

    Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.... Read more

    Affected Products : windows_nt
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0581

    The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions.... Read more

    Affected Products : windows_nt
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0347

    Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character.... Read more

    Affected Products :
    • Published: Jan. 26, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-1405

    snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ib... Read more

    Affected Products : aix
    • Published: Feb. 17, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0408

    Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server.... Read more

    Affected Products : cobalt_raq
    • Published: Feb. 25, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 294537 Results