Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, by whether it is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2014-3206

    Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the auth_name parameter to localhost/backupmgmt/pre_connect_check.php....

    • EPSS Score: %92.89
    • Published: Feb. 23, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2005-3454

    Multiple unspecified vulnerabilities in Oracle Collaboration Suite 10g Release 1 version 10.1.1 and 9i Release 2 9.0.4.2 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) OCS01, (2) OCS02, (3) OCS03, and (4) OCS04 for Calendar; (5)...

    Affected Products : collaboration_suite
    • EPSS Score: %4.24
    • Published: Nov. 02, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2008-6158

    Multiple unspecified vulnerabilities in the admin backend in w3b>cms (aka w3blabor CMS) before 3.2.0 have unknown impact and remote attack vectors....

    Affected Products : w3b\>cms
    • EPSS Score: %1.80
    • Published: Feb. 17, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2020-24633

    There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers ...

    Affected Products : arubaos sd-wan 9004 9004-lte 9012 7005 7008 7010 7024 7030 +5 more products
    • EPSS Score: %1.34
    • Published: Dec. 11, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-24646

    A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07)....

    Affected Products : intelligent_management_center
    • EPSS Score: %3.86
    • Published: Oct. 19, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-24639

    There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host ope...

    Affected Products : airwave_glass
    • EPSS Score: %0.74
    • Published: Jan. 15, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2019-5129

    A command injection has been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in...

    Affected Products : youphptube youphptube_encoder
    • EPSS Score: %89.88
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2022-43931

    Out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635 allows remote attackers to execute arbitrary commands via unspecified vectors....

    Affected Products : vpn_plus_server router_manager
    • EPSS Score: %21.50
    • Published: Jan. 03, 2023
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2023-35189

    Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a remote code execution vulnerability that could allow an unauthenticated user to upload a malicious payload and execute it. ...

    Affected Products : scrutisweb
    • EPSS Score: %0.33
    • Published: Jul. 18, 2023
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2007-6238

    Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NOTE: this information is based upon a vague advisory by a...

    Affected Products : quicktime
    • EPSS Score: %2.74
    • Published: Dec. 04, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2017-7315

    An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's not necessary to use credentials, and the router credentials are stored in plaintext inside the backup, aka GatewaySettings.bin....

    Affected Products : hg100r_firmware hg100r
    • EPSS Score: %0.89
    • Published: Jul. 04, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    CRITICAL
    CVE-2023-3703

    Proscend Advice ICR Series routers FW version 1.76 - CWE-1392: Use of Default Credentials...

    • EPSS Score: %0.08
    • Published: Sep. 03, 2023
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2023-1968

    Instruments with Illumina Universal Copy Service v2.x are vulnerable due to binding to an unrestricted IP address. An unauthenticated malicious actor could use UCS to listen on all IP addresses, including those capable of accepting remote communications....

    • EPSS Score: %0.12
    • Published: Apr. 28, 2023
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2023-39344

    social-media-skeleton is an uncompleted social media project. A SQL injection vulnerability in the project allows UNION based injections, which indirectly leads to remote code execution. Commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1 contains a fix for t...

    Affected Products : social-media-skeleton
    • EPSS Score: %5.08
    • Published: Aug. 04, 2023
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2005-2593

    Parlano MindAlign 5.0 and later versions use weak encryption, with unknown impact and attack vectors....

    Affected Products : mindalign
    • EPSS Score: %0.26
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2014-3804

    The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) update_system_info_debian_package, (2) ossec_task, (3) set_ossim_setup admin_ip, (4) sync_rserver, or (5) set_ossim_setup ...

    • EPSS Score: %80.42
    • Published: Jun. 13, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    CRITICAL
    CVE-2023-41721

    Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are versions 7.5.176. and earlier, implement device adoption with improper access control logic, creating a risk of access to device configuration information by ...

    • EPSS Score: %0.24
    • Published: Oct. 25, 2023
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2023-2306

    Qognify NiceVision versions 3.1 and prior are vulnerable to exposing sensitive information using hard-coded credentials. With these credentials an attacker can retrieve information about the cameras, user information, and modify database records. ...

    Affected Products : nicevision
    • EPSS Score: %0.11
    • Published: Oct. 05, 2023
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2023-4309

    Election Services Co. (ESC) Internet Election Service is vulnerable to SQL injection in multiple pages and parameters. These vulnerabilities allow an unauthenticated, remote attacker to read or modify data for any elections that share the same backend dat...

    Affected Products : internet_election_service
    • EPSS Score: %0.56
    • Published: Oct. 10, 2023
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2012-1400

    Unspecified vulnerability in the U+Box 2.0 Pad (lg.uplusbox.pad) application 2.0.8.4 for Android has unknown impact and attack vectors....

    Affected Products : android u\+box_2.0_pad
    • EPSS Score: %0.43
    • Published: Mar. 07, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 292058 Results