Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    CRITICAL
    CVE-2021-43984

    mySCADA myPRO: Versions 8.20.0 and prior has a feature where the firmware can be updated, which may allow an attacker to inject arbitrary operating system commands through a specific parameter.... Read more

    Affected Products : mypro
    • EPSS Score: %0.28
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2002-2248

    Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConve... Read more

    Affected Products : communicator
    • EPSS Score: %4.87
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-1568

    Format string vulnerability in the logText function in shmemmgr9.dll in IGSSdataServer.exe 9.00.00.11074, and 9.00.00.11063 and earlier, in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to cause a denial of service and p... Read more

    Affected Products : igss
    • EPSS Score: %51.08
    • Published: Apr. 05, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-7292

    Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv.... Read more

    Affected Products : fire_os
    • EPSS Score: %0.41
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2008-2832

    Unrestricted file upload vulnerability in calendar_admin.asp in Full Revolution aspWebCalendar 2008 allows remote attackers to upload and execute arbitrary code via the FILE1 parameter in an uploadfileprocess action, probably followed by a direct request ... Read more

    Affected Products : aspwebcalendar2008
    • EPSS Score: %6.29
    • Published: Jun. 24, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-1910

    Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 SP2 allows remote attackers to execute arbitrary code via a malformed opcode 0x52 request to TCP port 3050. NOTE: this might overlap CVE-2007-5243 or CVE-2007-524... Read more

    Affected Products : interbase
    • EPSS Score: %7.34
    • Published: Apr. 22, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2014-0604

    Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to the StartLog method.... Read more

    Affected Products : reflection_ftp_client
    • EPSS Score: %10.68
    • Published: Feb. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2010-3758

    Multiple stack-based buffer overflows in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allow remote attackers to execute arbitrary code via vectors involving the (1) AGI_S... Read more

    Affected Products : tivoli_storage_manager_fastback
    • EPSS Score: %35.41
    • Published: Oct. 05, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-0607

    Unrestricted file upload vulnerability in Attachmate Verastream Process Designer (VPD) before R6 SP1 Hotfix 1 allows remote attackers to execute arbitrary code by uploading and launching an executable file.... Read more

    Affected Products : verastream_process_designer
    • EPSS Score: %6.84
    • Published: Jul. 24, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2017-18145

    In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while the DPM native process is processing framework e... Read more

    • EPSS Score: %0.22
    • Published: Apr. 11, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-1999-0048

    Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.... Read more

    Affected Products : aix asl_ux_4800 ews-ux_v up-ux_v netkit
    • EPSS Score: %1.28
    • Published: Jan. 27, 1997
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-0824

    Unspecified vulnerability in the php2phps function in Claroline before 1.8.9 has unknown impact and attack vectors.... Read more

    Affected Products : caroline
    • EPSS Score: %0.40
    • Published: Feb. 19, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1465

    Stack-based buffer overflow in dproxy.c for dproxy 0.1 through 0.5 allows remote attackers to execute arbitrary code via a long DNS query packet to UDP port 53.... Read more

    Affected Products : dproxy
    • EPSS Score: %26.15
    • Published: Mar. 24, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2010-2771

    solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.... Read more

    Affected Products : soliddb
    • EPSS Score: %8.46
    • Published: Jul. 22, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-1948

    converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.... Read more

    Affected Products : ruby md2pdf
    • EPSS Score: %0.92
    • Published: Apr. 25, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-1999-0073

    Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.... Read more

    Affected Products : irix unix osf_1
    • EPSS Score: %0.26
    • Published: Oct. 13, 1995
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2015-7860

    Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to execute arbitrary code by sending a large amount of data in an environment that lack... Read more

    Affected Products : radia_client_automation
    • EPSS Score: %15.73
    • Published: Oct. 19, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2015-7930

    Adcon Telemetry A840 Telemetry Gateway Base Station has hardcoded credentials, which allows remote attackers to obtain administrative access via unspecified vectors.... Read more

    • EPSS Score: %0.92
    • Published: Dec. 24, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-1999-0088

    IRIX and AIX automountd services (autofsd) allow remote users to execute root commands.... Read more

    Affected Products : aix
    • EPSS Score: %6.18
    • Published: Oct. 26, 1998
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0165

    NFS cache poisoning.... Read more

    Affected Products : linux_kernel solaris sunos bsd_os nfs
    • EPSS Score: %0.47
    • Published: Mar. 01, 1997
    • Modified: Apr. 03, 2025
Showing 20 of 291384 Results