Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2020-28334

    Barco wePresent WiPG-1600W devices use Hard-coded Credentials (issue 2 of 2). Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W device has a hardcoded root password hash included in the firmware image. Exploiting C... Read more

    • EPSS Score: %13.02
    • Published: Nov. 24, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2022-2972

    MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) is vulnerable to a stack-based buffer overflow, which could allow an attacker to crash the device or remotely execute arbitrary code... Read more

    Affected Products : libiec61850
    • EPSS Score: %0.34
    • Published: Sep. 23, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2023-45894

    The Remote Application Server in Parallels RAS before 19.2.23975 does not segment virtualized applications from the server, which allows a remote attacker to achieve remote code execution via standard kiosk breakout techniques.... Read more

    Affected Products : remote_application_server
    • EPSS Score: %3.47
    • Published: Dec. 14, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-4519

    Multiple unspecified vulnerabilities in Ortro before 1.3.4 have unknown impact and attack vectors.... Read more

    Affected Products : ortro
    • EPSS Score: %0.40
    • Published: Dec. 31, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2022-25427

    Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.... Read more

    Affected Products : ac9_firmware ac9
    • EPSS Score: %0.39
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-4509

    Integer overflow in the evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request.... Read more

    Affected Products : edirectory
    • EPSS Score: %37.12
    • Published: Oct. 24, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2022-25450

    Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function.... Read more

    Affected Products : ac6_firmware ac6
    • EPSS Score: %2.39
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-2967

    Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files.... Read more

    • EPSS Score: %10.32
    • Published: May. 31, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2014-9456

    Buffer overflow in NotePad++ 6.6.9 allows remote attackers to have unspecified impact via a long Time attribute in an Event element in an XML file. NOTE: this issue was originally incorrectly mapped to CVE-2014-1004; see CVE-2014-1004 for more informatio... Read more

    Affected Products : notepad\+\+
    • EPSS Score: %18.70
    • Published: Jan. 02, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2025-23123

    A malicious actor with access to the management network could execute a remote code execution (RCE) by exploiting a heap buffer overflow vulnerability in the UniFi Protect Cameras (Version 4.75.43 and earlier) firmware.... Read more

    Affected Products :
    • Published: May. 19, 2025
    • Modified: May. 19, 2025
    • Vuln Type: Memory Corruption

  • 10.0

    HIGH
    CVE-2016-0834

    An unspecified media codec in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 26220548.... Read more

    Affected Products : android
    • EPSS Score: %0.67
    • Published: Apr. 18, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-7154

    A ifviewselectpage expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %2.26
    • Published: Oct. 19, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2022-46839

    Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1. ... Read more

    Affected Products : js_help_desk
    • EPSS Score: %0.31
    • Published: Jan. 05, 2024
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2003-0588

    admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password.... Read more

    Affected Products : digi-news
    • EPSS Score: %2.56
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2024-23613

    A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM. ... Read more

    Affected Products : symantec_deployment_solutions
    • EPSS Score: %7.65
    • Published: Jan. 26, 2024
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-8383

    The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication via a direct request to main.html.... Read more

    Affected Products : in3128hd_firmware in3128hd
    • EPSS Score: %4.50
    • Published: May. 18, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-8389

    cgi-bin/mft/wireless_mft.cgi in AirLive BU-2015 with firmware 1.03.18 16.06.2014, AirLive BU-3026 with firmware 1.43 21.08.2014, AirLive MD-3025 with firmware 1.81 21.08.2014, AirLive WL-2000CAM with firmware LM.1.6.18 14.10.2011, and AirLive POE-200CAM v... Read more

    • EPSS Score: %14.01
    • Published: Dec. 28, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2020-29580

    The official storm Docker images before 1.2.1 contain a blank password for a root user. Systems using the Storm Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.... Read more

    Affected Products : storm_docker_image
    • EPSS Score: %2.07
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-5369

    Unspecified vulnerability in Oracle Application Object Library in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote authenticated attack vectors, aka Vuln# APPS02.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %2.75
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5560

    Heap-based buffer overflow in the Juniper HTTP Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is fro... Read more

    Affected Products : http_service
    • EPSS Score: %4.92
    • Published: Oct. 18, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 291274 Results