Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, by whether it is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2020-11951

    An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices. There is a Backdoor root account.

    • EPSS Score: %0.35
    • Published: Jul. 14, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-6228

    A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system.

    Affected Products : email_encryption_gateway
    • EPSS Score: %3.65
    • Published: Mar. 15, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-44880

    D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were discovered to contain a command injection vulnerability in the system function. This vulnerability allows attackers to execute arbitrary commands via a crafted...

    • EPSS Score: %16.65
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-12124

    A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication.

    Affected Products : wn530h4_firmware wn530h4
    • EPSS Score: %91.67
    • Published: Oct. 02, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-19527

    iCMS 7.0.14 allows attackers to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php.

    Affected Products : icms
    • EPSS Score: %0.39
    • Published: Dec. 10, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2022-32454

    A stack-based buffer overflow vulnerability exists in the XCMD setIPCam functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted XCMD can lead to remote code execution. An attacker can send a malicious XML paylo...

    • EPSS Score: %1.30
    • Published: Oct. 25, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-6387

    iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account.

    Affected Products : ib-wra150n_firmware ib-wra150n
    • EPSS Score: %0.99
    • Published: Jan. 29, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2008-5722

    Buffer overflow in SAWStudio 3.9i allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long SAWSTUDIO PREFERENCES STRUCT value in a .prf (preferences) file.

    Affected Products : sawstudio
    • EPSS Score: %9.31
    • Published: Dec. 26, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2010-4727

    Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> tags, which has unspecified impact and remote attack vectors.

    Affected Products : smarty
    • EPSS Score: %0.43
    • Published: Feb. 03, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2010-4733

    WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain ...

    • EPSS Score: %0.72
    • Published: Feb. 15, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2020-20269

    A specially crafted Markdown document could cause the execution of malicious JavaScript code in Caret Editor before 4.0.0-rc22.

    Affected Products : caret
    • EPSS Score: %4.33
    • Published: Jan. 26, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-6444

    A vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitrary code. The vulnerability could also be exploited to execute arbitrary OS commands.

    • EPSS Score: %4.08
    • Published: Jan. 22, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2016-8411

    Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775.

    Affected Products : android
    • EPSS Score: %0.11
    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    HIGH
    CVE-2012-0230

    PRRDS.exe in the Proficy Remote Data Service in GE Intelligent Platforms Proficy Plant Applications 5.0 and earlier allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TCP session on po...

    • EPSS Score: %1.57
    • Published: Mar. 15, 2012
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2010-4663

    Unspecified vulnerability in the News module in CMS Made Simple (CMSMS) before 1.9.1 has unknown impact and attack vectors.

    Affected Products : cms_made_simple
    • EPSS Score: %0.41
    • Published: Jun. 08, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    CRITICAL
    CVE-2018-6667

    Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remote attackers to execute arbitrary code via Java management extensions (JMX).

    Affected Products : mcafee_web_gateway
    • EPSS Score: %2.33
    • Published: Jun. 26, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2014-2994

    Stack-based buffer overflow in Acunetix Web Vulnerability Scanner (WVS) 8 build 20120704 allows remote attackers to execute arbitrary code via an HTML file containing an IMG element with a long URL (src attribute).

    Affected Products : web_vulnerability_scanner
    • EPSS Score: %59.46
    • Published: Apr. 27, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    CRITICAL
    CVE-2023-29131

    A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of an incorrect default value in the SSH configuration. This could allow an attacker to bypass network isolation.

    Affected Products : simatic_cn_4100
    • EPSS Score: %0.02
    • Published: Jul. 11, 2023
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2021-21244

    OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a vulnerability that enabled pre-auth server side template injection via Bean validation message tampering. Full details in the reference GHSA. This issue was fixed in 4.0.3...

    Affected Products : onedev
    • EPSS Score: %0.37
    • Published: Jan. 15, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2006-4510

    The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request containing a value that is larger than the number of objects transmitted, which...

    Affected Products : edirectory
    • EPSS Score: %37.86
    • Published: Oct. 24, 2006
    • Modified: Apr. 09, 2025
Showing 20 of 292228 Results