Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2010-3758

    Multiple stack-based buffer overflows in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allow remote attackers to execute arbitrary code via vectors involving the (1) AGI_S... Read more

    Affected Products : tivoli_storage_manager_fastback
    • EPSS Score: %35.41
    • Published: Oct. 05, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-0607

    Unrestricted file upload vulnerability in Attachmate Verastream Process Designer (VPD) before R6 SP1 Hotfix 1 allows remote attackers to execute arbitrary code by uploading and launching an executable file.... Read more

    Affected Products : verastream_process_designer
    • EPSS Score: %6.84
    • Published: Jul. 24, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2017-18145

    In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while the DPM native process is processing framework e... Read more

    • EPSS Score: %0.22
    • Published: Apr. 11, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-1999-0048

    Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.... Read more

    Affected Products : aix asl_ux_4800 ews-ux_v up-ux_v netkit
    • EPSS Score: %1.28
    • Published: Jan. 27, 1997
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-0824

    Unspecified vulnerability in the php2phps function in Claroline before 1.8.9 has unknown impact and attack vectors.... Read more

    Affected Products : caroline
    • EPSS Score: %0.40
    • Published: Feb. 19, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1465

    Stack-based buffer overflow in dproxy.c for dproxy 0.1 through 0.5 allows remote attackers to execute arbitrary code via a long DNS query packet to UDP port 53.... Read more

    Affected Products : dproxy
    • EPSS Score: %26.15
    • Published: Mar. 24, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2010-2771

    solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.... Read more

    Affected Products : soliddb
    • EPSS Score: %8.46
    • Published: Jul. 22, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-1948

    converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.... Read more

    Affected Products : ruby md2pdf
    • EPSS Score: %0.92
    • Published: Apr. 25, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-1999-0073

    Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.... Read more

    Affected Products : irix unix osf_1
    • EPSS Score: %0.26
    • Published: Oct. 13, 1995
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2015-7860

    Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to execute arbitrary code by sending a large amount of data in an environment that lack... Read more

    Affected Products : radia_client_automation
    • EPSS Score: %15.73
    • Published: Oct. 19, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2015-7930

    Adcon Telemetry A840 Telemetry Gateway Base Station has hardcoded credentials, which allows remote attackers to obtain administrative access via unspecified vectors.... Read more

    • EPSS Score: %0.92
    • Published: Dec. 24, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-1999-0088

    IRIX and AIX automountd services (autofsd) allow remote users to execute root commands.... Read more

    Affected Products : aix
    • EPSS Score: %6.18
    • Published: Oct. 26, 1998
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0165

    NFS cache poisoning.... Read more

    Affected Products : linux_kernel solaris sunos bsd_os nfs
    • EPSS Score: %0.47
    • Published: Mar. 01, 1997
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0002

    The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets wit... Read more

    Affected Products : freebsd
    • EPSS Score: %1.27
    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2024-2086

    The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due t... Read more

    Affected Products :
    • Published: Mar. 30, 2024
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2000-0895

    Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long GET request.... Read more

    Affected Products : soho_firewall
    • EPSS Score: %3.58
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-2371

    admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier provides access to configuration modification before login, which allows remote attackers to cause a denial of service (loss of configuration data), and possibly perform direct sta... Read more

    Affected Products : phpmynewsletter
    • EPSS Score: %4.50
    • Published: Apr. 30, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2000-0141

    Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metacharacters in the topic hidden field.... Read more

    Affected Products : ultimate_bulletin_board
    • EPSS Score: %2.47
    • Published: Feb. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0175

    Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.... Read more

    Affected Products : staroffice
    • EPSS Score: %1.19
    • Published: Mar. 09, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0322

    The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters.... Read more

    Affected Products : linux
    • EPSS Score: %77.77
    • Published: Apr. 24, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 292095 Results