Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2008-1252

    b_banner.stm (aka the login page) on the Deutsche Telekom Speedport W500 DSL router allows remote attackers to obtain the logon password by reading the pwd field in the HTML source.... Read more

    Affected Products : speedport_w500_dsl_router
    • EPSS Score: %1.00
    • Published: Mar. 10, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2015-8096

    Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to "phase one 0x412 tag," which triggers a heap-based buffer overflow.... Read more

    Affected Products : picasa
    • EPSS Score: %10.25
    • Published: Nov. 09, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2023-23656

    Unrestricted Upload of File with Dangerous Type vulnerability in MainWP MainWP File Uploader Extension.This issue affects MainWP File Uploader Extension: from n/a through 4.1. ... Read more

    Affected Products :
    • Published: Mar. 26, 2024
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2000-0706

    Buffer overflows in ntop running in web mode allows remote attackers to execute arbitrary commands.... Read more

    Affected Products : ntop
    • EPSS Score: %6.01
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2014-3059

    Unspecified vulnerability in the Administrative Console on the IBM WebSphere DataPower XC10 appliance 2.5 allows remote attackers to obtain administrative privileges by leveraging access to an eXtreme Scale distributed ObjectGrid network.... Read more

    • EPSS Score: %2.40
    • Published: Oct. 02, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2007-2462

    Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknow... Read more

    • EPSS Score: %3.69
    • Published: May. 02, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2460

    Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded before 20090713, have unspecified impact and remote attack vectors.... Read more

    Affected Products : mathtex
    • EPSS Score: %1.04
    • Published: Jul. 14, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0894

    Heap-based buffer overflow in the decoder_create function in the initialization functionality in xvidcore/src/decoder.c in Xvid before 1.2.2, as used by Windows Media Player and other applications, allows remote attackers to execute arbitrary code via vec... Read more

    Affected Products : xvid
    • EPSS Score: %4.82
    • Published: Jun. 02, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6110

    Unspecified vulnerability in SemanticScuttle before 0.90 has unknown impact and attack vectors related to improper validation of parameters to profile.php.... Read more

    Affected Products : semanticscuttle
    • EPSS Score: %0.39
    • Published: Feb. 11, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2000-1241

    Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault."... Read more

    Affected Products : sips
    • EPSS Score: %0.39
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-12668

    SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices have a Hard-coded Password.... Read more

    • EPSS Score: %0.80
    • Published: Oct. 19, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-42338

    4MOSAn GCB Doctor’s login page has improper validation of Cookie, which allows an unauthenticated remote attacker to bypass authentication by code injection in cookie, and arbitrarily manipulate the system or interrupt services by upload and execution of ... Read more

    Affected Products : gcb_doctor
    • EPSS Score: %0.81
    • Published: Nov. 19, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2010-4511

    Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 has unknown impact and attack vectors related to the "dynamic publishing error message."... Read more

    Affected Products : movable_type movabletype
    • EPSS Score: %0.49
    • Published: Dec. 09, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-2616

    Stack-based buffer overflow in the SSL version of the NMDMC.EXE service in Novell NetMail 3.52e FTF2 and probably earlier allows remote attackers to execute arbitrary code via a crafted request.... Read more

    Affected Products : netmail
    • EPSS Score: %49.13
    • Published: May. 11, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2015-7841

    The login page of the server on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C... Read more

    • EPSS Score: %2.01
    • Published: Oct. 03, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-8841

    Heap-based buffer overflow in the Archive support module in ESET NOD32 before update 11861 allows remote attackers to execute arbitrary code via a large number of languages in an EPOC installation file of type SIS_FILE_MULTILANG.... Read more

    Affected Products : nod32_antivirus nod32
    • EPSS Score: %13.45
    • Published: Apr. 12, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2021-43049

    The Database component of TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to obtain the usernames and passwords of users of the affected... Read more

    Affected Products : businessconnect
    • EPSS Score: %0.48
    • Published: Feb. 15, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2005-3059

    Multiple unspecified vulnerabilities in Opera 8.50 on Linux and Windows have unknown impact and attack vectors, related to (1) " handling of must-revalidate cache directive for HTTPS pages" or (2) a "display issue with cookie comment encoding."... Read more

    Affected Products : linux_kernel opera_browser windows
    • EPSS Score: %0.46
    • Published: Sep. 26, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1272

    Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a back door telnet server that was intended for development but not removed before distribution, which allows remote attackers to gain administrative privileges.... Read more

    Affected Products : aos
    • EPSS Score: %2.67
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-2715

    Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and passwords via the (1) username, or the (2) password and password2 parameters in an edit action.... Read more

    Affected Products : snaps_gallery
    • EPSS Score: %6.24
    • Published: May. 16, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 291360 Results