Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2020-7825

    A vulnerability exists that could allow the execution of operating system commands on systems running MiPlatform 2019.05.16 and earlier. An attacker could execute arbitrary remote command by sending parameters to WinExec function in ExtCommandApi.dll modu...

    Affected Products : miplatform
    • EPSS Score: 0.51%
    • Published: Jul. 17, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-7980

    Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed....

    Affected Products : aptus_web
    • EPSS Score: 93.07%
    • Published: Jan. 25, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-8010

    CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system....

    • EPSS Score: 80.94%
    • Published: Feb. 18, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2010-0990

    Stack-based buffer overflow in Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0, as used in Creative Software AutoUpdate 1.40.01, allows remote attackers to execute arbitrary code via vectors related to the BrowseFolder method....

    • EPSS Score: 7.27%
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2020-8234

    A vulnerability exists in the EdgeMax EdgeSwitch firmware <v1.9.1 where the EdgeSwitch legacy web interface SIDSSL cookie for admin can be guessed, enabling the attacker to obtain high privileges and get a root shell by a command injection....

    • EPSS Score: 1.80%
    • Published: Aug. 21, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2016-0451

    Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2016-0452....

    Affected Products : goldengate
    • EPSS Score: 13.91%
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2019-9884

    eClass platform < ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page....

    Affected Products : eclass_ip
    • EPSS Score: 0.39%
    • Published: Jul. 25, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2010-1118

    Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a use-after-free issue, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at...

    Affected Products : windows_7 internet_explorer
    • EPSS Score: 36.59%
    • Published: Mar. 25, 2010
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2020-15489

    An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple shell metacharacter injection vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges....

    Affected Products : wl-wn530hg4_firmware wl-wn530hg4
    • EPSS Score: 3.60%
    • Published: Jul. 01, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2011-1919

    Multiple stack-based buffer overflows in GE Intelligent Platforms Proficy Applications before 4.4.1 SIM 101 and 5.x before 5.0 SIM 43 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP mes...

    • EPSS Score: 0.63%
    • Published: Nov. 02, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    CRITICAL
    CVE-2020-10272

    MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph without any sort of authentication. This allows attackers with access to the internal wireless and wired networks to take control of...

    • EPSS Score: 0.47%
    • Published: Jun. 24, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2016-0840

    Multiple stack-based buffer underflows in decoder/ih264d_parse_cavlc.c in mediaserver in Android 6.x before 2016-04-01 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal...

    Affected Products : android
    • EPSS Score: 0.79%
    • Published: Apr. 18, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-0841

    media/libmedia/mediametadataretriever.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mishandles cleared service binders, which allows remote attackers to execute arbitrary code or cause a ...

    Affected Products : android
    • EPSS Score: 1.22%
    • Published: Apr. 18, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2020-11116

    Possible out of bound write while processing association response received from host due to lack of check of IE length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial ...

    • EPSS Score: 0.33%
    • Published: Sep. 08, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2005-0684

    Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allow remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV fu...

    Affected Products : maxdb
    • EPSS Score: 71.81%
    • Published: Apr. 25, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2021-1972

    Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdra...

    • EPSS Score: 0.26%
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-45090

    Stormshield Endpoint Security before 2.1.2 allows remote code execution....

    Affected Products : endpoint_security
    • EPSS Score: 3.82%
    • Published: Dec. 21, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2010-1962

    Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.2.1.870.0 allows remote attackers to execute arbitrary code via unknown vectors....

    Affected Products : storageworks_storage_mirroring
    • EPSS Score: 48.38%
    • Published: Jun. 07, 2010
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2016-6535

    AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which allows remote attackers to obtain root access by leveraging knowledge of the credentials and establishing a TELNET session....

    Affected Products : eh6108h\+_firmware eh6108h\+
    • EPSS Score: 0.73%
    • Published: Sep. 19, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2021-46198

    An SQL Injection vulnerability exists in Sourcecodester Courier Management System 1.0 via the email parameter in /cms/ajax.php app....

    Affected Products : courier_management_system
    • EPSS Score: 0.33%
    • Published: Jan. 21, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 291401 Results