Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2018-0349

    A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-te... Read more

    • EPSS Score: %1.25
    • Published: Jul. 18, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2022-21806

    A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network.... Read more

    • EPSS Score: %2.00
    • Published: Jun. 17, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-4715

    Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary ... Read more

    Affected Products : rslinx_enterprise rslinx_enterprise
    • EPSS Score: %0.34
    • Published: Apr. 18, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-7279

    The Konke Smart Plug K does not require authentication for TELNET sessions, which allows remote attackers to obtain "equipment management authority" via TCP traffic to port 23.... Read more

    • EPSS Score: %57.90
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2018-0539

    QQQ SYSTEMS version 2.24 allows an attacker to execute arbitrary commands via unspecified vectors.... Read more

    Affected Products : qqq_systems
    • EPSS Score: %0.54
    • Published: Mar. 22, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-2206

    Stack-based buffer overflow in GetGo Download Manager 4.9.0.1982, 4.8.2.1346, 4.4.5.502, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long HTTP Response Header.... Read more

    Affected Products : getgo_download_manager
    • EPSS Score: %76.64
    • Published: Mar. 05, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2022-27080

    Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setWorkmode.... Read more

    Affected Products : m3_firmware m3
    • EPSS Score: %14.48
    • Published: Mar. 24, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-10837

    An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. The Esecomm Trustlet allows a stack overflow and arbitrary code execution. The Samsung ID is SVE-2019-15984 (February 2020).... Read more

    Affected Products : android
    • EPSS Score: %0.23
    • Published: Mar. 24, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-3029

    EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has an OS Command Injection vulnerability via shell metacharacters and an IFS manipulation. The parameter "file" on the webpage /showfile.php can be exploited to gain root access. NOTE: This vulnerabil... Read more

    Affected Products : ecs_imaging
    • EPSS Score: %3.41
    • Published: Jan. 07, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-10500

    While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Vo... Read more

    • EPSS Score: %0.36
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-1052

    PHP remote file inclusion vulnerability in index.php in PBLang (PBL) 4.60 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the dbpath parameter, a different vector than CVE-2006-5062. NOTE: this issue has been disputed by a ... Read more

    Affected Products : pblang
    • EPSS Score: %0.97
    • Published: Feb. 21, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-4853

    A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to port 69/udp could modify the firmware of the device.... Read more

    • EPSS Score: %0.44
    • Published: Jul. 03, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-1139

    Unrestricted file upload vulnerability in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to upload arbitrary scripts via a filename with a double extension.... Read more

    Affected Products : simple_plantilla_php
    • EPSS Score: %0.77
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2022-22992

    A command injection remote code execution vulnerability was discovered on Western Digital My Cloud Devices that could allow an attacker to execute arbitrary system commands on the device. The vulnerability was addressed by escaping individual arguments to... Read more

    • EPSS Score: %0.67
    • Published: Jan. 28, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-9995

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, in drmprov_cmd_verify_key(), the variable feature_name_length is not validated. There is a check for feature_name_len + filePathLen but there mig... Read more

    • EPSS Score: %0.23
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-9998

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA937... Read more

    • EPSS Score: %0.31
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-5847

    Unraid through 6.8.0 allows Remote Code Execution.... Read more

    Affected Products : unraid
    • Actively Exploited
    • EPSS Score: %93.51
    • Published: Mar. 16, 2020
    • Modified: Feb. 04, 2025

  • 10.0

    HIGH
    CVE-2012-1250

    Logitec LAN-W300N/R routers with firmware before 2.27 do not properly restrict login access, which allows remote attackers to obtain administrative privileges and modify settings via vectors related to PPPoE authentication.... Read more

    • EPSS Score: %7.48
    • Published: Jun. 04, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2024-48840

    Unauthorized Access vulnerabilities allow Remote Code Execution.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 10.0

    HIGH
    CVE-2012-1405

    Unspecified vulnerability in the GO Note Widget (com.gau.go.launcherex.gowidget.notewidget) application 1.5 and 1.9 for Android has unknown impact and attack vectors.... Read more

    Affected Products : android go_note_widget
    • EPSS Score: %0.33
    • Published: Mar. 07, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 291335 Results