Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2013-5022

    Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary fil...

    • EPSS Score: 1.40%
    • Published: Aug. 06, 2013
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2020-6969

    It is possible to unmask credentials and other sensitive information on “unprotected” project files, which may allow an attacker to remotely access the C-More Touch Panels EA9 series: firmware versions prior to 6.53 and manipulate system configurations....

    • EPSS Score: 0.45%
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2020-6963

    In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilized hard coded SMB credentials, ...

    • EPSS Score: 0.21%
    • Published: Jan. 24, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-10892

    An issue was discovered in D-Link DIR-806 devices. There is a stack-based buffer overflow in function hnap_main at /htdocs/cgibin. The function will call sprintf without checking the length of strings in parameters given by HTTP header and can be controll...

    Affected Products : dir-806_firmware dir-806
    • EPSS Score: 0.86%
    • Published: Sep. 06, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2011-0647

    The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542....

    • EPSS Score: 72.63%
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2007-4915

    The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other devices, do not prevent stack writes from entering memory locations used for string constants, which allows remote attackers to change the admin password stored ...

    Affected Products : boa boa_webserver
    • EPSS Score: 78.62%
    • Published: Sep. 17, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2021-1142

    Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the De...

    • EPSS Score: 6.67%
    • Published: Jan. 20, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2007-4982

    Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the arg...

    Affected Products : qrcode_activex
    • EPSS Score: 9.35%
    • Published: Sep. 19, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6568

    Directory traversal vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the phpEx parameter....

    Affected Products : kb_mods
    • EPSS Score: 4.22%
    • Published: Dec. 15, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2012-4697

    TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session....

    • EPSS Score: 0.62%
    • Published: May. 23, 2013
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2019-12987

    Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6)....

    Affected Products : netscaler_sd-wan sd-wan
    • EPSS Score: 92.51%
    • Published: Jul. 16, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2014-1635

    Buffer overflow in login.cgi in MiniHttpd in Belkin N750 Router with firmware before F9K1103_WW_1.10.17m allows remote attackers to execute arbitrary code via a long string in the jump parameter....

    • EPSS Score: 78.46%
    • Published: Nov. 12, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2014-7985

    Directory traversal vulnerability in EspoCRM before 2.6.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter to install/index.php....

    Affected Products : espocrm
    • EPSS Score: 2.30%
    • Published: Oct. 31, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-5053

    The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attack...

    Affected Products : gpu_driver
    • EPSS Score: 0.52%
    • Published: Nov. 24, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2019-11081

    A default username and password in Dentsply Sirona Sidexis 4.3.1 and earlier allows an attacker to gain administrative access to the application server....

    Affected Products : sidexis
    • EPSS Score: 0.32%
    • Published: Apr. 24, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-20893

    An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11. PartyHost_HandleJoinPartyRequest has a buffer overflow vulnerability and can be exploited by using a crafted joinParty packet. This can be utilized to co...

    Affected Products : call_of_duty_modern_warfare_2
    • EPSS Score: 0.60%
    • Published: Jun. 30, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2018-21268

    The traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command ...

    Affected Products : traceroute
    • EPSS Score: 6.52%
    • Published: Jun. 25, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2020-15148

    Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.38. A possible workaround without upgrading is available in the linked advisor...

    Affected Products : yii
    • EPSS Score: 91.70%
    • Published: Sep. 15, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2008-0176

    Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors....

    Affected Products : cimplicity
    • EPSS Score: 32.99%
    • Published: Jan. 29, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2014-9458

    Heap-based buffer overflow in the GDB debugger module in Hex-Rays IDA Pro before 6.6 cumulative fix 2014-12-24 allows remote GDB servers to have unspecified impact via unknown vectors....

    Affected Products : ida
    • EPSS Score: 0.65%
    • Published: Jan. 02, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291275 Results