Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2011-4860

    The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device (aka the Quantum 140NOE771* module) generates the password for the fwupgrade account by performing a calculation on the MAC address, which makes it easier... Read more

    • Published: Dec. 17, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-1764

    Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest ... Read more

    Affected Products : internet_explorer
    • Published: Apr. 27, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-0929

    time.htm in the web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a78 allows remote attackers to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response.... Read more

    Affected Products : hvg_video_gateway_firmware hvg400
    • Published: Feb. 03, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-0984

    Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O UUKL, XL1000C500U 300 I/O UUKL, and XL1000C1000U 600 I/O ... Read more

    • Published: Mar. 31, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-0855

    The _mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path.... Read more

    Affected Products : pitivi
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-0786

    Stack-based buffer overflow in the logging functionality in the Preboot Policy service in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : zenworks_configuration_management
    • Published: Aug. 09, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2014-4487

    Buffer overflow in IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows attackers to execute arbitrary code in a privileged context via a crafted app.... Read more

    Affected Products : mac_os_x iphone_os tvos
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-0850

    The Git plugin for FusionForge before 6.0rc4 allows remote attackers to execute arbitrary code via an unspecified parameter when creating a secondary Git repository.... Read more

    Affected Products : fusionforge
    • Published: Jun. 02, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-2830

    Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors.... Read more

    Affected Products : cifs-utils
    • Published: Mar. 31, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2012-0444

    Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruptio... Read more

    • Published: Feb. 01, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-0701

    Cisco UCS Central Software before 1.3(1a) allows remote attackers to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCut46961.... Read more

    • Published: May. 07, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-0653

    The management interface in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X7.2.4, X8 before X8.1.2, and X8.2 before X8.2.2 and Cisco TelePresence Conductor before X2.3.1 and XC2.4 before XC2.4.1 allows remote attackers to... Read more

    • Published: Mar. 13, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2011-0080

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and ap... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2020-4429

    IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execute arbitrary code on the system with root privileges. I... Read more

    Affected Products : data_risk_manager
    • Published: May. 07, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2015-0565

    NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.... Read more

    Affected Products : native_client
    • Published: Feb. 25, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-0267

    Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) schdParams or (2) nameParams parameter, a different vulnerability than CVE-2011-0266.... Read more

    Affected Products : openview_network_node_manager
    • Published: Jan. 13, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-0574

    In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient.... Read more

    Affected Products : android
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-0491

    Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459.... Read more

    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-0469

    Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.... Read more

    Affected Products : jdk jre
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2008-5134

    Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response."... Read more

    Affected Products : linux_kernel
    • Published: Nov. 18, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 292803 Results