Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2004-0345

    Buffer overflow in Red Faction client 1.20 and earlier allows remote servers to execute arbitrary code via a long server name.

    Affected Products : red_faction
    • EPSS Score: 4.52%
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2016-5675

    handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPSer...

    • EPSS Score: 75.75%
    • Published: Aug. 31, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-5743

    Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenP...

    • EPSS Score: 5.63%
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-6147

    An unspecified interface in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands with SIDadm privileges via unspecified vectors, aka SAP Security Note 2234226.

    Affected Products : trex
    • EPSS Score: 10.55%
    • Published: Aug. 05, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2004-0469

    Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code du...

    • EPSS Score: 6.45%
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2008-0656

    Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documentum Administrator 5.3.0.313 and Webtop 5.3.0.317 allows remote attackers to overwrite arbitrary files via the filename attribute.

    • EPSS Score: 2.08%
    • Published: Feb. 07, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2016-6551

    Intellian Satellite TV antennas t-Series and v-Series, firmware version 1.07, uses non-random default credentials of: ftp/ftp or intellian:12345678. A remote network attacker can gain elevated access to a vulnerable device.

    • EPSS Score: 0.65%
    • Published: Jul. 13, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2016-6563

    Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following prod...

    • EPSS Score: 87.96%
    • Published: Jul. 13, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2007-0368

    Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local users to execute arbitrary code via a long string in the MBSE_ROOT environment variable.

    Affected Products : mbse-bbs
    • EPSS Score: 1.84%
    • Published: Jan. 19, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2016-7110

    Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7109.

    Affected Products : uma
    • EPSS Score: 1.75%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    CRITICAL
    CVE-2016-8938

    IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be executed on the UCD agent machines that host customer's production applications.

    Affected Products : urbancode_deploy
    • EPSS Score: 0.82%
    • Published: Feb. 01, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    HIGH
    CVE-2007-4170

    Multiple PHP remote file inclusion vulnerabilities in AL-Athkar 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) include parameter to (a) Main.php and (b) get.php and the (2) exec parameter to (c) count.php.

    Affected Products : al-athkar
    • EPSS Score: 0.79%
    • Published: Aug. 07, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2005-4414

    Unspecified vulnerability in Teamwork 3 before alpha 1.7 has unknown impact and attack vectors, related to "a menu security bug."

    Affected Products : teamwork
    • EPSS Score: 0.39%
    • Published: Dec. 20, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2015-5719

    app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.

    • EPSS Score: 0.43%
    • Published: Sep. 03, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2014-8877

    The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which ...

    Affected Products : cm_download_manager
    • EPSS Score: 30.12%
    • Published: Dec. 05, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-5998

    Impero Education Pro before 5105 relies on the -1|AUTHENTICATE\x02PASSWORD string for authentication, which allows remote attackers to execute arbitrary programs via an encrypted command.

    Affected Products : impero_education_pro
    • EPSS Score: 0.55%
    • Published: Sep. 14, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2004-0978

    Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData para...

    • EPSS Score: 49.59%
    • Published: Feb. 09, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2004-0985

    Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .ppt, and using ADODB.Connection and ADODB.recordset to wr...

    Affected Products : ie
    • EPSS Score: 41.50%
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2017-10902

    PTW-WMS1 firmware version 2.000.012 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

    Affected Products : ptw-wms1_firmware ptw-wms1
    • EPSS Score: 2.11%
    • Published: Dec. 01, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    HIGH
    CVE-2008-3160

    Multiple unspecified vulnerabilities in IBM Data ONTAP 7.1 before 7.1.3, as used by IBM System Storage N series Filer and IBM System Storage N series Gateway, have unknown impact and attack vectors.

    Affected Products : data_ontap
    • EPSS Score: 1.82%
    • Published: Jul. 14, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 291384 Results