Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2018-10750

    An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'staticGet' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'staticGet <node_name attr>' function and cause ... Read more

    • Published: May. 04, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2005-2618

    Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled... Read more

    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2018-10697

    An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an attacker to execut... Read more

    Affected Products : awk-3121_firmware awk-3121
    • Published: Jun. 07, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-10636

    CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has multiple stack-based buffer overflow vulnerabilities that could cause the software to crash due to lacking user input validation before copying data from project files onto the stack.... Read more

    Affected Products : cncsoft screeneditor
    • Published: Aug. 13, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-10616

    ABB Panel Builder 800 all versions has an improper input validation vulnerability which may allow an attacker to insert and run arbitrary code on a computer where the affected product is used.... Read more

    Affected Products : panel_builder_800
    • Published: Jul. 18, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-10606

    WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple heap-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files.... Read more

    Affected Products : levistudiou
    • Published: Sep. 26, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-10602

    WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files.... Read more

    Affected Products : levistudiou
    • Published: Sep. 26, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-1654

    Buffer overflow in the Ne7sshSftp::addOpenHandle function in ne7ssh_sftp.cpp in NetSieben SSH Library (ne7ssh) before 1.2.1 allows user-assisted remote SFTP servers to cause a denial of service (crash) or possibly execute arbitrary code via multiple file ... Read more

    Affected Products : netsieben_ssh_library
    • Published: Mar. 24, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-1999-0766

    The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment.... Read more

    • Published: Oct. 21, 1999
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-1999-0704

    Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.... Read more

    Affected Products : freebsd linux bsd_os
    • Published: Sep. 16, 1999
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2020-3868

    Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing malic... Read more

    Affected Products : leap itunes iphone_os tvos safari icloud ipados
    • Published: Feb. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-1999-0320

    SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files.... Read more

    Affected Products : solaris sunos
    • Published: Mar. 01, 1998
    • Modified: Apr. 03, 2025

  • 9.2

    CRITICAL
    CVE-2024-49360

    Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. An authenticated user (**UserA**) with no privileges is authorized to read all files created in sandbox belonging to other users in the sandbox folde... Read more

    Affected Products : sandboxie sandboxie
    • Published: Nov. 29, 2024
    • Modified: Aug. 04, 2025

  • 9.2

    CRITICAL
    CVE-2024-45369

    The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource.... Read more

    Affected Products : mypro
    • Published: Nov. 22, 2024
    • Modified: Nov. 22, 2024

  • 9.2

    CRITICAL
    CVE-2024-6878

    Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations.This issue affects Panel: before v2.3.24.... Read more

    Affected Products : panel
    • Published: Sep. 18, 2024
    • Modified: Nov. 21, 2024

  • 9.2

    CRITICAL
    CVE-2024-11144

    The server lacks thread safety and can be crashed by anomalous data sent by an anonymous user from a remote network. The crash causes the FTP service to become unavailable, affecting all users and processes that rely on it for file transfers. If the crash... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 9.2

    CRITICAL
    CVE-2024-8580

    A vulnerability classified as critical was found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220. This vulnerability affects unknown code of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The attack can be initiated remotel... Read more

    Affected Products : t8_firmware t8
    • Published: Sep. 08, 2024
    • Modified: Sep. 10, 2024

  • 9.2

    CRITICAL
    CVE-2024-45861

    Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information.... Read more

    • Published: Sep. 19, 2024
    • Modified: Sep. 30, 2024

  • 9.2

    CRITICAL
    CVE-2024-3373

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RSM Design Website Template allows SQL Injection.This issue affects Website Template: before 1.2.... Read more

    Affected Products :
    • Published: Sep. 27, 2024
    • Modified: Sep. 30, 2024

  • 9.2

    CRITICAL
    CVE-2025-30085

    Remote code execution vulnerability in RSForm!pro component 3.0.0 - 3.3.14 for Joomla was discovered. The issue occurs within the submission export feature and requires administrative access to the export feature.... Read more

    Affected Products : rsform\!pro
    • Published: Jun. 11, 2025
    • Modified: Jun. 12, 2025
    • Vuln Type: Authentication
Showing 20 of 294860 Results