Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2017-14480

    In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution wi... Read more

    • EPSS Score: %5.01
    • Published: May. 09, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-3092

    Buffer overflow on the ASUS WL-500W wireless router has unknown impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, becau... Read more

    Affected Products : asus_wl-500w
    • EPSS Score: %0.45
    • Published: Sep. 08, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-7198

    Multiple unspecified vulnerabilities in phpns before 2.1.1beta1 have unknown impact and attack vectors.... Read more

    Affected Products : phpns
    • EPSS Score: %0.34
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2016-5788

    General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via unspecified vectors.... Read more

    • EPSS Score: %0.30
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2017-5859

    On Cambium Networks cnPilot R200/201 devices before 4.3, there is a vulnerability involving the certificate of the device and its RSA keys, aka RBN-183.... Read more

    • EPSS Score: %0.18
    • Published: Mar. 10, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2022-26666

    Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerECC.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.... Read more

    Affected Products : diaenergie
    • EPSS Score: %0.22
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-2294

    Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdr... Read more

    • EPSS Score: %0.33
    • Published: Sep. 30, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-7868

    A remote code execution vulnerability exists in helpUS(remote administration tool) due to improper validation of parameter of ShellExecutionExA function used for login.... Read more

    Affected Products : windows helpu
    • EPSS Score: %2.33
    • Published: Jun. 29, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-5197

    Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to "error checking of system calls."... Read more

    Affected Products : condor
    • EPSS Score: %0.72
    • Published: Sep. 28, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-3829

    Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via ... Read more

    Affected Products : android
    • EPSS Score: %25.10
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2018-7124

    A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %20.37
    • Published: Jun. 05, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-3824

    The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly restrict size addition, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow... Read more

    Affected Products : android
    • EPSS Score: %12.23
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2008-0029

    Cisco Application Velocity System (AVS) before 5.1.0 is installed with default passwords for some system accounts, which allows remote attackers to gain privileges.... Read more

    • EPSS Score: %0.93
    • Published: Jan. 23, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2019-10557

    Out-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &... Read more

    • EPSS Score: %0.33
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-4813

    The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.... Read more

    • EPSS Score: %6.40
    • Published: Sep. 16, 2013
    • Modified: Apr. 22, 2025

  • 10.0

    HIGH
    CVE-2019-10594

    Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voi... Read more

    • EPSS Score: %0.36
    • Published: Mar. 05, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-21505

    Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an undocumented default iDRAC account. A remote unauthenticated attacker, with the knowledge of the default credentials, could potentially exploit this to log in to th... Read more

    • EPSS Score: %5.75
    • Published: May. 06, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-39720

    Product: AndroidVersions: Android kernelAndroid ID: A-207433926References: N/A... Read more

    Affected Products : android
    • EPSS Score: %0.13
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-13177

    In several functions of libhevc, NEON registers are not preserved. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions... Read more

    Affected Products : android
    • EPSS Score: %10.05
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-5019

    Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote attackers to execute arbitrary code via a long resource name in an HTTP request.... Read more

    Affected Products : ultra_mini_httpd
    • EPSS Score: %82.69
    • Published: Jul. 31, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291275 Results