Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2000-0945

    The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.... Read more

    Affected Products : catalyst_3500_xl
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2015-5552

    Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a de... Read more

    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5587

    Stack-based buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.1... Read more

    • Published: Sep. 22, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5549

    Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a de... Read more

    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5540

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to exe... Read more

    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-1999-0554

    NFS exports system-critical data to the world, e.g. / or a password file.... Read more

    Affected Products :
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0368

    Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.... Read more

    • Published: Feb. 09, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2015-5564

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to exe... Read more

    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5559

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to exe... Read more

    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2007-0910

    Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.... Read more

    Affected Products : php secure_linux
    • Published: Feb. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2015-5541

    Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execu... Read more

    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2007-0748

    Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP RTSP request.... Read more

    • Published: May. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2015-5547

    Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a de... Read more

    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5473

    Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote attackers to delete arbitrary files via unspecified parameters to (1) upload/updateDriver or (2) upload/addDriver or to execute arbitrary code with SYSTEM privilege... Read more

    Affected Products : syncthru_6
    • Published: Jun. 01, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2006-6917

    Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which is not properly ... Read more

    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-6636

    Unspecified vulnerability in the Utility Classes for IBM WebSphere Application Server (WAS) before 5.1.1.13 and 6.x before 6.0.2.17 has unknown impact and attack vectors.... Read more

    Affected Products : websphere_application_server
    • Published: Dec. 19, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5855

    Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that beg... Read more

    Affected Products : tivoli_storage_manager
    • Published: Dec. 06, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5819

    Verity Ultraseek before 5.7 allows remote attackers to use the server as a proxy for web attacks and host scanning via a direct request to the highlight/index.html script.... Read more

    Affected Products : ultraseek
    • Published: Nov. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2020-6990

    Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is ha... Read more

    • Published: Mar. 16, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-3377

    Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : firefox
    • Published: Oct. 29, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 293508 Results