Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2008-5449

    Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5444 and CVE-2008-...

    Affected Products : secure_backup
    • EPSS Score: 4.50%
    • Published: Jan. 14, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2022-30329

    An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands....

    Affected Products : tew-831dr_firmware tew-831dr
    • EPSS Score: 0.81%
    • Published: Jun. 16, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-38390

    A Blind SQL injection vulnerability exists in the /DataHandler/HandlerEnergyType.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior. The application does not properly validate the user-controlled value supplied through the parameter egy...

    Affected Products : diaenergie
    • EPSS Score: 1.65%
    • Published: Aug. 30, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-38530

    Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2...

    • EPSS Score: 1.66%
    • Published: Aug. 11, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-11951

    An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices. There is a Backdoor root account....

    • EPSS Score: 0.35%
    • Published: Jul. 14, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-6228

    A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system....

    Affected Products : email_encryption_gateway
    • EPSS Score: 3.65%
    • Published: Mar. 15, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-44880

    D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were discovered to contain a command injection vulnerability in the system function. This vulnerability allows attackers to execute arbitrary commands via a crafted...

    • EPSS Score: 16.65%
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-12124

    A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication....

    Affected Products : wn530h4_firmware wn530h4
    • EPSS Score: 91.67%
    • Published: Oct. 02, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-19527

    iCMS 7.0.14 allows attackers to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php....

    Affected Products : icms
    • EPSS Score: 0.39%
    • Published: Dec. 10, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2022-32454

    A stack-based buffer overflow vulnerability exists in the XCMD setIPCam functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted XCMD can lead to remote code execution. An attacker can send a malicious XML paylo...

    • EPSS Score: 1.30%
    • Published: Oct. 25, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-6387

    iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account....

    Affected Products : ib-wra150n_firmware ib-wra150n
    • EPSS Score: 0.99%
    • Published: Jan. 29, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2008-5722

    Buffer overflow in SAWStudio 3.9i allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long SAWSTUDIO PREFERENCES STRUCT value in a .prf (preferences) file....

    Affected Products : sawstudio
    • EPSS Score: 9.31%
    • Published: Dec. 26, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2010-4727

    Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> tags, which has unspecified impact and remote attack vectors....

    Affected Products : smarty
    • EPSS Score: 0.43%
    • Published: Feb. 03, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2010-4733

    WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain ...

    • EPSS Score: 0.72%
    • Published: Feb. 15, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2020-20269

    A specially crafted Markdown document could cause the execution of malicious JavaScript code in Caret Editor before 4.0.0-rc22....

    Affected Products : caret
    • EPSS Score: 4.33%
    • Published: Jan. 26, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-6444

    A vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitrary code. The vulnerability could also be exploited to execute arbitrary OS commands....

    • EPSS Score: 4.11%
    • Published: Jan. 22, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2016-8411

    Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775....

    Affected Products : android
    • EPSS Score: 0.11%
    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    HIGH
    CVE-2012-0230

    PRRDS.exe in the Proficy Remote Data Service in GE Intelligent Platforms Proficy Plant Applications 5.0 and earlier allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TCP session on po...

    • EPSS Score: 1.57%
    • Published: Mar. 15, 2012
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2010-4663

    Unspecified vulnerability in the News module in CMS Made Simple (CMSMS) before 1.9.1 has unknown impact and attack vectors....

    Affected Products : cms_made_simple
    • EPSS Score: 0.41%
    • Published: Jun. 08, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    CRITICAL
    CVE-2018-6667

    Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remote attackers to execute arbitrary code via Java management extensions (JMX)....

    Affected Products : mcafee_web_gateway
    • EPSS Score: 2.33%
    • Published: Jun. 26, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291551 Results