Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

10.0

HIGH

CVE-2006-5156

Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header....

Affected Products : epolicy_orchestrator protectionpilot
Published: Oct. 05, 2006

Modified: Apr. 09, 2025
10.0

HIGH

CVE-2021-1459

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper v...

Affected Products : rv110w_firmware rv130_firmware rv130w_firmware rv215w_firmware rv110w rv215w small_business_rv_series_router_firmware rv130w rv130
Published: Apr. 08, 2021

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2016-6563

Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following prod...

Affected Products : dir-823_firmware dir-822_firmware dir-818l\(w\)_firmware dir-895l_firmware dir-890l_firmware dir-885l_firmware dir-880l_firmware dir-868l_firmware dir-850l_firmware dir-890l +8 more products
Published: Jul. 13, 2018

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2016-6554

Synology NAS servers DS107, firmware version 3.1-1639 and prior, and DS116, DS213, firmware versions prior to 5.2-5644-1, use non-random default credentials of: guest:(blank) and admin:(blank) . A remote network attacker can gain privileged access to a vu...

Affected Products : ds107_firmware ds213_firmware ds116_firmware ds107 ds213 ds116
Published: Jul. 13, 2018

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2006-0992

Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentall...

Affected Products : groupwise_messenger
Published: Apr. 14, 2006

Modified: Apr. 03, 2025
10.0

HIGH

CVE-2012-3983

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute...

Affected Products : firefox thunderbird ubuntu_linux linux_enterprise_server seamonkey linux_enterprise_desktop
Published: Oct. 10, 2012

Modified: Apr. 11, 2025
10.0

HIGH

CVE-2006-0283

Unspecified vulnerability in Oracle Database Server 10.1.0.4.2, Application Server 10.1.2.0.2, and Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i) has unspecified impact and attack vectors, as identified by Oracle Vuln# DBC02 in the Reorganize O...

Affected Products : database_server application_server collaboration_suite
Published: Jan. 18, 2006

Modified: Apr. 03, 2025
10.0

CRITICAL

CVE-2021-1388

A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to improper...

Affected Products : application_policy_infrastructure_controller aci_multi-site_orchestrator
Published: Feb. 24, 2021

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2016-6598

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service (FileStorageService) on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. ...

Affected Products : track-it\!
Published: Jan. 30, 2018

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2005-4837

snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a fr...

Affected Products : net-snmp net-snmp
Published: Dec. 31, 2005

Modified: Apr. 03, 2025
10.0

HIGH

CVE-2016-6535

AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which allows remote attackers to obtain root access by leveraging knowledge of the credentials and establishing a TELNET session....

Affected Products : eh6108h\+_firmware eh6108h\+
Published: Sep. 19, 2016

Modified: Apr. 12, 2025
10.0

HIGH

CVE-2005-3666

Multiple unspecified format string vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: d...

Affected Products : internet_key_exchange
Published: Nov. 18, 2005

Modified: Apr. 03, 2025
10.0

HIGH

CVE-2005-3449

Multiple unspecified vulnerabilities in Oracle Application Server 9.0 up to 10.1.2.0 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) AS02 in Containers for J2EE, (2) AS07 in Internet Directory, (3) AS09 in Report Server, and (4) ...

Affected Products : application_server
Published: Nov. 02, 2005

Modified: Apr. 03, 2025
10.0

HIGH

CVE-2021-1292

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. T...

Affected Products : rv160_vpn_router_firmware rv160w_wireless-ac_vpn_router_firmware rv260_vpn_router_firmware rv260p_vpn_router_with_poe_firmware small_business_rv_series_router_firmware rv260w_wireless-ac_vpn_router_firmware rv160w_wireless-ac_vpn_router rv260_vpn_router rv260p_vpn_router_with_poe rv260w_wireless-ac_vpn_router +1 more products
Published: Feb. 04, 2021

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2021-1294

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. T...

Affected Products : rv160_vpn_router_firmware rv160w_wireless-ac_vpn_router_firmware rv260_vpn_router_firmware rv260p_vpn_router_with_poe_firmware small_business_rv_series_router_firmware rv260w_wireless-ac_vpn_router_firmware rv160w_wireless-ac_vpn_router rv260_vpn_router rv260p_vpn_router_with_poe rv260w_wireless-ac_vpn_router +1 more products
Published: Feb. 04, 2021

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2021-1295

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. T...

Affected Products : rv160_vpn_router_firmware rv160w_wireless-ac_vpn_router_firmware rv260_vpn_router_firmware rv260p_vpn_router_with_poe_firmware small_business_rv_series_router_firmware rv260w_wireless-ac_vpn_router_firmware rv160w_wireless-ac_vpn_router rv260_vpn_router rv260p_vpn_router_with_poe rv260w_wireless-ac_vpn_router +1 more products
Published: Feb. 04, 2021

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2016-6441

A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. This vulnerability affects Cisco ASR 900 Serie...

Affected Products : ios_xe ios_xe
Published: Nov. 03, 2016

Modified: Apr. 12, 2025
10.0

HIGH

CVE-2005-1851

A certain contributed script for ekg Gadu Gadu client 1.5 and earlier allows attackers to execute shell commands via unknown attack vectors....

Affected Products : ekg
Published: Jul. 19, 2005

Modified: Apr. 03, 2025
10.0

HIGH

CVE-2021-1290

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. T...

Affected Products : rv160_vpn_router_firmware rv160w_wireless-ac_vpn_router_firmware rv260_vpn_router_firmware rv260p_vpn_router_with_poe_firmware small_business_rv_series_router_firmware rv260w_wireless-ac_vpn_router_firmware rv160w_wireless-ac_vpn_router rv260_vpn_router rv260p_vpn_router_with_poe rv260w_wireless-ac_vpn_router +1 more products
Published: Feb. 04, 2021

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2016-6406

Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client before 1.0.2-065 is installed, allows remote attackers to obtain root acc...

Affected Products : email_security_appliance_firmware
Published: Sep. 22, 2016

Modified: Apr. 12, 2025

Showing 20 of 293309 Results

1
...
212
213
214
215
216
217
218
...
14666

Browse by Apps

Latest CVE Feed

10.0

10.0

10.0

10.0

10.0

10.0

10.0

10.0

10.0

10.0

10.0

10.0

10.0

10.0

10.0

10.0

10.0

10.0

10.0

10.0

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable