Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2021-1142

    Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the De... Read more

    • EPSS Score: %6.67
    • Published: Jan. 20, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-4982

    Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the arg... Read more

    Affected Products : qrcode_activex
    • EPSS Score: %9.35
    • Published: Sep. 19, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-6568

    Directory traversal vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the phpEx parameter.... Read more

    Affected Products : kb_mods
    • EPSS Score: %4.22
    • Published: Dec. 15, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2012-4697

    TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session.... Read more

    • EPSS Score: %0.62
    • Published: May. 23, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-12987

    Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6).... Read more

    Affected Products : netscaler_sd-wan sd-wan
    • EPSS Score: %92.51
    • Published: Jul. 16, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-1635

    Buffer overflow in login.cgi in MiniHttpd in Belkin N750 Router with firmware before F9K1103_WW_1.10.17m allows remote attackers to execute arbitrary code via a long string in the jump parameter.... Read more

    • EPSS Score: %78.46
    • Published: Nov. 12, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-7985

    Directory traversal vulnerability in EspoCRM before 2.6.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter to install/index.php.... Read more

    Affected Products : espocrm
    • EPSS Score: %2.30
    • Published: Oct. 31, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5053

    The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attack... Read more

    Affected Products : gpu_driver
    • EPSS Score: %0.52
    • Published: Nov. 24, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2019-11081

    A default username and password in Dentsply Sirona Sidexis 4.3.1 and earlier allows an attacker to gain administrative access to the application server.... Read more

    Affected Products : sidexis
    • EPSS Score: %0.32
    • Published: Apr. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-20893

    An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11. PartyHost_HandleJoinPartyRequest has a buffer overflow vulnerability and can be exploited by using a crafted joinParty packet. This can be utilized to co... Read more

    Affected Products : call_of_duty_modern_warfare_2
    • EPSS Score: %0.60
    • Published: Jun. 30, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2018-21268

    The traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command ... Read more

    Affected Products : traceroute
    • EPSS Score: %6.52
    • Published: Jun. 25, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2020-15148

    Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.38. A possible workaround without upgrading is available in the linked advisor... Read more

    Affected Products : yii
    • EPSS Score: %91.70
    • Published: Sep. 15, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-0176

    Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : cimplicity
    • EPSS Score: %32.99
    • Published: Jan. 29, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2014-9458

    Heap-based buffer overflow in the GDB debugger module in Hex-Rays IDA Pro before 6.6 cumulative fix 2014-12-24 allows remote GDB servers to have unspecified impact via unknown vectors.... Read more

    Affected Products : ida
    • EPSS Score: %0.65
    • Published: Jan. 02, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2002-2159

    Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain acc... Read more

    Affected Products : befsr41 befsr11 befsru31
    • EPSS Score: %0.93
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2010-0140

    Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.3, and possibly 5 allow remote attackers to create (1) user or (2) administrator accounts via a crafted URL in a request to ... Read more

    Affected Products : unified_meetingplace
    • EPSS Score: %0.64
    • Published: Jan. 28, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2002-2257

    Stack-based buffer overflow in the parse_field function in cgi_lib.c for LIBCGI 1.0.2 and 1.0.3 allows remote attackers to execute arbitrary code via a long argument.... Read more

    Affected Products : libcgi
    • EPSS Score: %5.38
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-2236

    Format string vulnerability in the awp_log function in apt-www-proxy 0.1 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : apt-www-proxy
    • EPSS Score: %3.35
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2021-43984

    mySCADA myPRO: Versions 8.20.0 and prior has a feature where the firmware can be updated, which may allow an attacker to inject arbitrary operating system commands through a specific parameter.... Read more

    Affected Products : mypro
    • EPSS Score: %0.28
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2002-2248

    Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConve... Read more

    Affected Products : communicator
    • EPSS Score: %4.87
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291562 Results