Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2007-0100

    The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows remote attackers to overwrite arbitrary files by modifying the client config file on the server, or by operating a malicious s...

    Affected Products : perforce_client
    • EPSS Score: 0.92%
    • Published: Jan. 08, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-0201

    Buffer overflow in the cmd_usr function in ftp-gw in TIS Internet Firewall Toolkit (FWTK) allows remote attackers to execute arbitrary code via a long destination hostname (dest)....

    Affected Products : internet_firewall_toolkit
    • EPSS Score: 6.01%
    • Published: Jan. 11, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2018-13925

    Error in parsing PMT table frees the memory allocated for the map section but does not reset the context map section reference causing heap use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snap...

    • EPSS Score: 0.46%
    • Published: May 24, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2013-0657

    Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and earlier allows remote attackers to execute arbitrary code by sending TCP port-12397 data that does not comply with a protocol....

    • EPSS Score: 60.15%
    • Published: Jan. 21, 2013
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2015-0977

    Network Vision IntraVue before 2.3.0a14 on Windows allows remote attackers to execute arbitrary OS commands via unspecified vectors....

    Affected Products : intravue
    • EPSS Score: 0.78%
    • Published: Feb. 27, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2017-18349

    parseObject in Fastjson before 1.2.25, as used in FastjsonEngine in Pippo 1.11.0 and other products, allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a crafted rmi:// URI in the dataSourceName field of HTTP ...

    Affected Products : fastjson pippo
    • EPSS Score: 90.74%
    • Published: Oct. 23, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2016-9335

    A hard-coded cryptographic key vulnerability was identified in Red Lion Controls Sixnet-Managed Industrial Switches running firmware Version 5.0.196 and Stride-Managed Ethernet Switches running firmware Version 5.0.190. Vulnerable versions of Stride-Manag...

    • EPSS Score: 0.24%
    • Published: May 09, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-12670

    SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow OS Command Injection....

    • EPSS Score: 12.49%
    • Published: Oct. 19, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2006-5368

    Unspecified vulnerability in Oracle Exchange component in Oracle E-Business Suite 6.2.4 has unknown impact and remote attack vectors, aka Vuln# APPS01....

    Affected Products : e-business_suite
    • EPSS Score: 0.96%
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2011-4157

    Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtual SAN Appliance allows remote attackers to execute arbitrary code via a crafted login request....

    • EPSS Score: 32.88%
    • Published: Nov. 16, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2015-3292

    The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors....

    Affected Products : oncommand_workflow_automation
    • EPSS Score: 28.03%
    • Published: May 31, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2020-25749

    The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 (firmware versions v342, v339) could allow a remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system account ...

    • EPSS Score: 3.94%
    • Published: Sep. 25, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2012-4944

    Multiple unrestricted file upload vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary code by uploading a file via an unspecified page....

    Affected Products : fleetcommander fleetcommander_kiosk
    • EPSS Score: 3.65%
    • Published: Nov. 18, 2012
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2012-4959

    Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record....

    Affected Products : file_reporter
    • EPSS Score: 73.92%
    • Published: Nov. 18, 2012
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2022-30924

    H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the SetAPWifiorLedInfoById parameter at /goform/aspForm....

    Affected Products : magic_r100_firmware magic_r100
    • EPSS Score: 0.39%
    • Published: Jun. 08, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2021-39168

    OpenZeppelin is a library for smart contract development. In affected versions a vulnerability in TimelockController allowed an actor with the executor role to escalate privileges. Further details about the vulnerability will be disclosed at a later date. ...

    • EPSS Score: 0.44%
    • Published: Aug. 27, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2007-2564

    Multiple stack-based buffer overflows in the Sienzo Digital Music Mentor (DMM) 2.6.0.4 ActiveX control (DSKernel2.dll) allow remote attackers to execute arbitrary code via a long argument to the (1) LockModules or (2) UnlockModule function....

    Affected Products : digital_music_mentor
    • EPSS Score: 6.01%
    • Published: May 09, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-2481

    PHP remote file inclusion vulnerability in authentication/phpbb3/phpbb3.functions.php in phpRaider 1.0.7 and 1.0.7a, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the pConfig_auth[phpbb_path] paramete...

    Affected Products : phpraider
    • EPSS Score: 3.84%
    • Published: May 28, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-3684

    Heap-based buffer overflow in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to execute arbitrary code via crafted packet data to TCP port 2606....

    Affected Products : documentum_applicationxtender
    • EPSS Score: 3.16%
    • Published: Oct. 22, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2010-2362

    Winny 2.0b7.1 and earlier does not properly process node information, which has unspecified impact and remote attack vectors that might lead to use of the product's host for DDoS attacks....

    Affected Products : winny
    • EPSS Score: 0.35%
    • Published: Aug. 25, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 291526 Results