Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2012-1480

    Unspecified vulnerability in the Pansi SMS (com.pansi.msg) application 1.97, 2.01, and 2.07 for Android has unknown impact and attack vectors.... Read more

    Affected Products : android pansi_sms
    • EPSS Score: %0.33
    • Published: Mar. 14, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2004-1258

    Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 allows remote attackers to execute arbitrary code via crafted ABC files.... Read more

    Affected Products : abcm2ps
    • EPSS Score: %4.90
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2016-0803

    libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a large... Read more

    Affected Products : android
    • EPSS Score: %1.22
    • Published: Feb. 07, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2008-1491

    Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623.... Read more

    Affected Products : remote_console
    • EPSS Score: %86.69
    • Published: Mar. 25, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2002-1686

    Buffer overflow in lscfg of unknown versions of AIX has unknown impact.... Read more

    Affected Products : aix
    • EPSS Score: %0.50
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1303

    Buffer overflow in the get function in get.c for Yanf 0.4 allows remote malicious web servers to execute arbitrary code via crafted HTTP responses.... Read more

    Affected Products : yanf
    • EPSS Score: %3.65
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2015-3832

    Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via invalid size values of NAL units in MP4 data, aka internal bug 19641538.... Read more

    Affected Products : android
    • EPSS Score: %6.83
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-10308

    Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both SSH and the device's web interface and grants access to t... Read more

    • EPSS Score: %2.10
    • Published: Mar. 30, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2016-10343

    In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in memory leak.... Read more

    Affected Products : android
    • EPSS Score: %0.15
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2016-10384

    In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl.... Read more

    Affected Products : android
    • EPSS Score: %0.25
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2016-10460

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 835, SD 845, and SD 850, vendor specific opcodes may not have any packet length validation leading to buffer over-reads.... Read more

    • EPSS Score: %0.22
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-10480

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/5... Read more

    • EPSS Score: %0.26
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-1390

    Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to execute arbitrary code via a long argument to the (1) -F, (2) name, (3) en, (4) upscript, (5) downscript, (6) retries, (7) timeout, (8) scriptdetach, (9) noscr... Read more

    Affected Products : rtos rtp
    • EPSS Score: %9.60
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-1633

    Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown impact and attack vectors, related to the use of (1) /tmp and (2) MINDI_CACHE.... Read more

    Affected Products : rescue
    • EPSS Score: %0.37
    • Published: Apr. 02, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2017-16088

    The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox.... Read more

    Affected Products : safe-eval
    • EPSS Score: %2.95
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-1392

    Unspecified vulnerability in the Dolphin Browser HD (mobi.mgeek.TunnyBrowser) application 6.2.0, 7.2.1, 7.3.0, and 7.4.0 for Android has unknown impact and attack vectors.... Read more

    Affected Products : android dolphin_browser_hd
    • EPSS Score: %0.43
    • Published: Mar. 07, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2017-14322

    The function in charge to check whether the user is already logged in init.php in Interspire Email Marketer (IEM) prior to 6.1.6 allows remote attackers to bypass authentication and obtain administrative access by using the IEM_CookieLogin cookie with a s... Read more

    Affected Products : email_marketer
    • EPSS Score: %18.80
    • Published: Oct. 18, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-3198

    GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. Additionally, the firmware updates are served over HTTP. An attacker can make arbitrary modifications to firmware images without being detected.... Read more

    • EPSS Score: %0.27
    • Published: Jul. 09, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-4548

    The login method in LoginModule implementations in Apache Geronimo 2.0 does not throw FailedLoginException for failed logins, which allows remote attackers to bypass authentication requirements, deploy arbitrary modules, and gain administrative access by ... Read more

    Affected Products : geronimo
    • EPSS Score: %0.75
    • Published: Aug. 27, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2004-1483

    Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact.... Read more

    Affected Products : clientless_vpn_gateway_4400
    • EPSS Score: %3.04
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291890 Results