Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2005-3460

    Unspecified vulnerability in Oracle Agent in Oracle Enterprise Manager 9.0.4.1 up to 10.1.0.4 has unknown impact and attack vectors, as identified by Oracle Vuln# EM01.... Read more

    • EPSS Score: %2.84
    • Published: Nov. 02, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2022-46161

    pdfmake is an open source client/server side PDF printing in pure JavaScript. In versions up to and including 0.2.5 pdfmake contains an unsafe evaluation of user controlled input. Users of pdfmake are thus subject to arbitrary code execution in the contex... Read more

    Affected Products : pdfmake
    • EPSS Score: %4.63
    • Published: Dec. 06, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-29978

    Multiple low security issues were discovered and fixed in a security audit of Mozilla VPN 2.x branch as part of a 3rd party security audit. This vulnerability affects Mozilla VPN < 2.3.... Read more

    Affected Products : vpn mozilla_vpn
    • EPSS Score: %1.03
    • Published: Aug. 05, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-3159

    Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1227.... Read more

    • EPSS Score: %45.96
    • Published: Oct. 19, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2006-3232

    Unspecified vulnerability in IBM WebSphere Application Server before 6.0.2.11 has unknown impact and attack vectors because the "UserNameToken cache was improperly used."... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.53
    • Published: Jun. 27, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2021-21903

    A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to strcpy. An attacker can send ... Read more

    Affected Products : ic_module_cma
    • EPSS Score: %0.20
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-21940

    A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted network packet can lead to a heap buffer overflow. An attacker can send a malicious packet to trigger t... Read more

    • EPSS Score: %0.52
    • Published: Oct. 12, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-7190

    Unspecified vulnerability in Adium before 1.2 has unknown impact and attack vectors related to javascript: URLs, possibly cross-site scripting (XSS).... Read more

    Affected Products : adium
    • EPSS Score: %0.40
    • Published: Sep. 09, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2021-22657

    mySCADA myPRO: Versions 8.20.0 and prior has a feature where the API password can be specified, which may allow an attacker to inject arbitrary operating system commands through a specific parameter.... Read more

    Affected Products : mypro
    • EPSS Score: %0.40
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-22667

    BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded credentials, which may allow an attacker to gain unauthorized access and permit the execution of arbitrary code on the BB-ESWGP506-2SFP-T (versions 1.01.01 and prior)... Read more

    • EPSS Score: %0.60
    • Published: Feb. 24, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2023-41892

    Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector. Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fix... Read more

    Affected Products : craft_cms
    • EPSS Score: %93.72
    • Published: Sep. 13, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-15422

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_mod_security.php. When... Read more

    Affected Products : webpanel
    • EPSS Score: %2.07
    • Published: Jul. 28, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-0183

    Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request.... Read more

    • EPSS Score: %79.52
    • Published: Feb. 03, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-8327

    A remote code execution vulnerability exists in PowerShell Editor Services, aka "PowerShell Editor Services Remote Code Execution Vulnerability." This affects PowerShell Editor, PowerShell Extension.... Read more

    • EPSS Score: %21.26
    • Published: Jul. 11, 2018
    • Modified: Jul. 16, 2025

  • 10.0

    HIGH
    CVE-2015-9188

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD ... Read more

    • EPSS Score: %0.22
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-15477

    The WebControl in RaspberryTortoise through 2012-10-28 is vulnerable to remote code execution via shell metacharacters in a URI. The file nodejs/raspberryTortoise.js has no validation on the parameter incomingString before passing it to the child_process.... Read more

    Affected Products : raspberrytortoise
    • EPSS Score: %8.17
    • Published: Jul. 23, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-8021

    EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability that could potentially be leveraged by malicious users to compromise the affected system.... Read more

    Affected Products : elastic_cloud_storage
    • EPSS Score: %0.95
    • Published: Oct. 03, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    CRITICAL
    CVE-2021-2248

    Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Server). The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoc... Read more

    Affected Products : secure_global_desktop
    • EPSS Score: %3.97
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-15612

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_ftp_manager.php. When ... Read more

    Affected Products : webpanel
    • EPSS Score: %2.07
    • Published: Jul. 28, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-0885

    A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware before 1.4.0.49.2 has a default password of D0nt4g3tme for the mso account, which makes it easier for remote attackers to obtain administrative access via the (1) web int... Read more

    Affected Products : smcd3g-ccr smcd3g-ccr_firmware
    • EPSS Score: %20.93
    • Published: Feb. 08, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 291222 Results