Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2002-2417

    acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges.... Read more

    Affected Products : acftp
    • EPSS Score: %4.38
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0394

    DPEC Online Courseware allows an attacker to change another user's password without knowing the original password.... Read more

    Affected Products :
    • EPSS Score: %0.48
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-2257

    The saveProfile function in PhpSlash 0.8.0 allows remote attackers to modify arbitrary profiles and gain privileges by modifying the author_id parameter.... Read more

    Affected Products : phpslash
    • EPSS Score: %1.19
    • Published: Jul. 13, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-6006

    TestLink before 1.7.1 does not enforce an unspecified authorization mechanism, which has unknown impact and attack vectors.... Read more

    Affected Products : testlink
    • EPSS Score: %0.29
    • Published: Nov. 15, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5466

    Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote attackers to (1) have an unknown impact by sending multiple long strings to the IMAP port (143/tcp); (2) execute arbitrary code via a long string in an IMAP AUTHENTICATE PLAIN action, i... Read more

    Affected Products : extremail
    • EPSS Score: %56.85
    • Published: Oct. 15, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5559

    Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it... Read more

    Affected Products : thinkvantage_tpm
    • EPSS Score: %7.70
    • Published: Oct. 18, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-2024

    Cisco Network Registrar before 7.2 has a default administrative password, which makes it easier for remote attackers to obtain access via a TCP session, aka Bug ID CSCsm50627.... Read more

    Affected Products : cns_network_registrar
    • EPSS Score: %1.73
    • Published: Jun. 02, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-4439

    PHP remote file inclusion vulnerability in admin/bin/patch.php in MartinWood Datafeed Studio before 1.6.3 allows remote attackers to execute arbitrary PHP code via a URL in the INSTALL_FOLDER parameter. NOTE: the provenance of this information is unknown;... Read more

    Affected Products : datafeed_studio
    • EPSS Score: %0.76
    • Published: Oct. 03, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5767

    Heap-based buffer overflow in the Client Trust application (clntrust.exe) in Novell BorderManager 3.8 before Update 1.5 allows remote attackers to execute arbitrary code via a validation request in which the Novell tree name is not properly delimited with... Read more

    Affected Products : bordermanager
    • EPSS Score: %30.84
    • Published: Nov. 02, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5769

    Double free vulnerability in the getreply function in ftp.c in netkit ftp (netkit-ftp) 0.17 20040614 and later allows remote FTP servers to cause a denial of service (application crash) and possibly have unspecified other impact via some types of FTP prot... Read more

    Affected Products : netkit_ftp
    • EPSS Score: %0.49
    • Published: Dec. 06, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5892

    Stack-based buffer overflow in the pdg2.dll ActiveX control in SSReader 4.0 and earlier allow remote attackers to execute arbitrary code via a long argument to the Register method. NOTE: some details were obtained from third party sources.... Read more

    Affected Products : ultra_star_reader
    • EPSS Score: %9.15
    • Published: Nov. 08, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0251

    Unrestricted file upload vulnerability in PhotoPost vBGallery before 2.4.2 allows remote attackers to upload and execute arbitrary files via unknown vectors.... Read more

    Affected Products : photopost_vbgallery
    • EPSS Score: %2.62
    • Published: Jan. 12, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-3577

    IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.3 does not properly implement Activity Token authentication for Web Services, which has unspecified impact and attack vectors.... Read more

    Affected Products : websphere_commerce
    • EPSS Score: %1.22
    • Published: Sep. 20, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-5810

    WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that is sent through HTTP and improperly used during temporary s... Read more

    Affected Products : webtransactions
    • EPSS Score: %3.70
    • Published: Jan. 02, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-1040

    Buffer overflow in the Single Sign-On function in Fujitsu Interstage Application Server 8.0.0 through 8.0.3 and 9.0.0, Interstage Studio 8.0.1 and 9.0.0, and Interstage Apworks 8.0.0 allows remote attackers to execute arbitrary code via a long URI.... Read more

    • EPSS Score: %5.16
    • Published: Feb. 27, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6519

    Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in a Long Running Web Pr... Read more

    Affected Products : xitami
    • EPSS Score: %6.10
    • Published: Mar. 25, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-1154

    The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require au... Read more

    • EPSS Score: %5.57
    • Published: Apr. 04, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-4743

    The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involvin... Read more

    • EPSS Score: %1.75
    • Published: Dec. 16, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4744

    The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/admin-h... Read more

    • EPSS Score: %1.75
    • Published: Dec. 16, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4768

    The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretat... Read more

    • EPSS Score: %1.75
    • Published: Dec. 16, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 291384 Results