Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2015-1801

    The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to cause a denial of service (memory corruption) or gain privileges.... Read more

    Affected Products : galaxy_s4_firmware galaxy_s4
    • EPSS Score: %0.91
    • Published: Aug. 24, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2012-3270

    Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-... Read more

    Affected Products : performance_insight
    • EPSS Score: %3.31
    • Published: Nov. 07, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2017-14475

    In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with t... Read more

    • EPSS Score: %4.97
    • Published: May. 09, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-2578

    cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the ServerN... Read more

    • EPSS Score: %72.28
    • Published: Oct. 11, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-3232

    The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the (1) root, (2) user, (3) manager, (4) administrator, and (5) operator accounts, which allows remote attackers to gain login access via certain Linux daemons, including a telnet dae... Read more

    Affected Products : totalstorage_ds400
    • EPSS Score: %1.35
    • Published: Jun. 15, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2015-2052

    Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary code via a long string in a GetDeviceSettings action to the HNAP interface.... Read more

    Affected Products : dir-645_firmware dir-645
    • EPSS Score: %11.65
    • Published: Feb. 23, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-12133

    The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote code execution because of javax.faces.ViewState Java deserialization.... Read more

    Affected Products : electric_consciousmap
    • EPSS Score: %8.08
    • Published: Apr. 27, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-4659

    Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password for the root account after an upgrade to TE 4.1.0, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSC... Read more

    • EPSS Score: %0.86
    • Published: Jan. 19, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-15746

    SITOS six Build v6.2.1 allows an attacker to inject arbitrary PHP commands. As a result, an attacker can compromise the running server and execute system commands in the context of the web user.... Read more

    Affected Products : sitos_six
    • EPSS Score: %0.37
    • Published: Oct. 07, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-3684

    NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload... Read more

    Affected Products : nextgen_gallery
    • EPSS Score: %44.66
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-4915

    Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to System Man... Read more

    • EPSS Score: %2.47
    • Published: Oct. 22, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2023-1283

    Code Injection in GitHub repository builderio/qwik prior to 0.21.0. ... Read more

    Affected Products : qwik qwik
    • EPSS Score: %0.31
    • Published: Mar. 08, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2023-1424

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service... Read more

    • EPSS Score: %1.31
    • Published: May. 24, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2010-0873

    Unspecified vulnerability in the Data Server component in Oracle TimesTen In-Memory Database 7.0.6.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.... Read more

    Affected Products : timesten_in-memory_database
    • EPSS Score: %2.52
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2024-42489

    Pro Macros provides XWiki rendering macros. Missing escaping in the Viewpdf macro allows any user with view right on the `CKEditor.HTMLConverter` page or edit or comment right on any page to perform remote code execution. Other macros like Viewppt are vul... Read more

    Affected Products : pro_macros
    • Published: Aug. 12, 2024
    • Modified: Sep. 16, 2024

  • 10.0

    HIGH
    CVE-2011-0488

    Stack-based buffer overflow in NTWebServer.exe in the test web service in InduSoft NTWebServer, as distributed in Advantech Studio 6.1 and InduSoft Web Studio 7.0, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arb... Read more

    Affected Products : advantech_studio web_studio
    • EPSS Score: %18.24
    • Published: Jan. 18, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-1390

    Unspecified vulnerability in the Miso (com.bazaarlabs.miso) application 2.2 for Android has unknown impact and attack vectors.... Read more

    Affected Products : android miso
    • EPSS Score: %0.43
    • Published: Mar. 07, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-3443

    The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central Manager (CM) configuration allows remote attackers to execute arbitrary code via a crafted POST request, aka Bug ID CSCuh2... Read more

    Affected Products : wide_area_application_services
    • EPSS Score: %7.92
    • Published: Aug. 01, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-2842

    Unrestricted file upload vulnerability in go_audiostore.php in the audiostore (Voice Files) upload functionality in GoAutoDial GoAdmin CE 3.x before 3.3-1421902800 allows remote attackers to execute arbitrary code by uploading a file with an executable ex... Read more

    Affected Products : goadmin_ce
    • EPSS Score: %43.86
    • Published: May. 12, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2012-4249

    The Amazon Lab126 com.lab126.system sendEvent implementation on the Kindle Touch before 5.1.2 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a string, as demonstrated by using lipc-set-prop to set an LIPC prop... Read more

    Affected Products : kindle_touch
    • EPSS Score: %1.81
    • Published: Aug. 12, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 291526 Results