Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2010-4070

    Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote att...

    Affected Products : informix_dynamic_server
    • EPSS Score: 8.05%
    • Published: Oct. 25, 2010
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2019-17146

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link DCS-960L v1.07.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on T...

    • EPSS Score: 17.71%
    • Published: Jan. 07, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-13650

    TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow internalPort OS Command Injection (issue 2 of 5)....

    Affected Products : m7350_firmware m7350
    • EPSS Score: 4.01%
    • Published: Oct. 24, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2017-18377

    An issue was discovered on Wireless IP Camera (P2P) WIFICAM cameras. There is Command Injection in the set_ftp.cgi script via shell metacharacters in the pwd variable, as demonstrated by a set_ftp.cgi?svr=192.168.1.1&port=21&user=ftp URI....

    • EPSS Score: 3.18%
    • Published: Jun. 11, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-2259

    Resource allocation error while playing the video whose dimensions are more than supported dimension in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

    • EPSS Score: 0.33%
    • Published: Jun. 14, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-2276

    Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled space in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Sn...

    • EPSS Score: 0.27%
    • Published: Jul. 25, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-2323

    Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables ...

    • EPSS Score: 0.33%
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-14134

    Possible out of bound access in WLAN handler when the received value of length in rx path is shorter than the expected value of country IE in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infra...

    • EPSS Score: 0.31%
    • Published: Apr. 16, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2004-2407

    Unknown vulnerability in phpGroupWare before 0.9.14.002 has unknown attack vectors and impact, related to a "security hole" in the Setup/Config functionality....

    Affected Products : phpgroupware
    • EPSS Score: 0.38%
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2020-21523

    A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. The ftl file can be edited. This is the Freemarker template file. This file can cause arbitrary code execution when it is rendered in the backgro...

    Affected Products : halo
    • EPSS Score: 0.84%
    • Published: Sep. 30, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2009-3169

    Multiple unspecified vulnerabilities in Hitachi JP1/File Transmission Server/FTP before 09-00 allow remote attackers to execute arbitrary code via unknown attack vectors....

    Affected Products : jp1_file_transmission_server
    • EPSS Score: 3.23%
    • Published: Sep. 11, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2020-23512

    VR CAM P1 Model P1 v1 has an incorrect access control vulnerability where an attacker can obtain complete access of the device from web (remote) without authentication....

    Affected Products : p1_firmware p1
    • EPSS Score: 0.38%
    • Published: Sep. 15, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-3930

    The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP...

    • EPSS Score: 15.34%
    • Published: Apr. 30, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2016-3493

    Unspecified vulnerability in the Hyperion Financial Reporting component in Oracle Hyperion 11.1.2.4 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Security Models....

    Affected Products : hyperion_financial_reporting
    • EPSS Score: 3.60%
    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2019-15503

    cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka ProntusCMS) through 12.0.3.0 has "Improper Neutralization of Special Elements used in an OS Command," allowing attackers to execute OS commands via an HTTP GET parameter....

    Affected Products : prontuscms
    • EPSS Score: 1.18%
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-24719

    Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. Communication between Erlang nodes is done by exchanging a shared secret (aka "magic cookie"). There are cases where the magic cookie is included in the content of the logs. An att...

    Affected Products : couchbase_server
    • EPSS Score: 7.53%
    • Published: Nov. 12, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2015-7861

    Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment that lacks relationship-based firewalling....

    Affected Products : radia_client_automation
    • EPSS Score: 9.95%
    • Published: Oct. 19, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2020-25207

    JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler....

    Affected Products : toolbox
    • EPSS Score: 0.04%
    • Published: Nov. 16, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-15260

    A vulnerability in Cisco Aironet Access Points (APs) Software could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device with elevated privileges. The vulnerability is due to insufficient access control for certain UR...

    • EPSS Score: 7.15%
    • Published: Oct. 16, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2015-7938

    Advantech EKI-132x devices with firmware before 2015-12-31 allow remote attackers to bypass authentication via unspecified vectors....

    • EPSS Score: 1.33%
    • Published: Jan. 09, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291551 Results