Latest CVE Feed
-
10.0
CRITICALCVE-2024-30498
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks CRM Perks Forms.This issue affects CRM Perks Forms: from n/a through 1.1.4. ... Read more
Affected Products : crm_perks_forms- Published: Mar. 29, 2024
- Modified: Feb. 07, 2025
-
10.0
HIGHCVE-2014-7917
Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug 15342615.... Read more
Affected Products : android- EPSS Score: %0.22
- Published: Oct. 01, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7916
Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug 15342751.... Read more
Affected Products : android- EPSS Score: %0.22
- Published: Oct. 01, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7898
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via unspecified vectors.... Read more
- EPSS Score: %28.81
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7894
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSPOSPrinter.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid PO... Read more
- EPSS Score: %30.08
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7878
The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers' installations, which allows remote attackers to execut... Read more
Affected Products : helion_cloud_development_platform- EPSS Score: %28.81
- Published: Nov. 14, 2014
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7921
mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920.... Read more
Affected Products : android- EPSS Score: %0.22
- Published: Apr. 13, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2014-7895
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSCashDrawer.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid PO... Read more
- EPSS Score: %28.81
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7857
D-Link DNS-320L firmware before 1.04b12, DNS-327L before 1.03b04 Build0119, DNR-326 1.40b03, DNS-320B 1.02b01, DNS-345 1.03b06, DNS-325 1.05b03, and DNS-322L 2.00b07 allow remote attackers to bypass authentication and log in with administrator permissions... Read more
Affected Products : dns-322l_firmware dns-325_firmware dns-345_firmware dns-320b_firmware dnr-326_firmware dns-327l_firmware dns-320l_firmware dns-320l dns-325 dns-327l +4 more products- EPSS Score: %1.48
- Published: Aug. 25, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2014-7892
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMSR.ocx for Mini MSR magnetic stripe readers, Retail Integrated Dual-Head MSR magnetic stripe r... Read more
- EPSS Score: %28.81
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
CRITICALCVE-2024-30299
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access or elevated... Read more
Affected Products : framemaker_publishing_server- Published: Jun. 13, 2024
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2024-30224
Deserialization of Untrusted Data vulnerability in Wholesale Team WholesaleX.This issue affects WholesaleX: from n/a through 1.3.2. ... Read more
Affected Products : wholesalex- Published: Mar. 28, 2024
- Modified: Apr. 08, 2025
-
10.0
HIGHCVE-2017-8248
A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation.... Read more
Affected Products : iphone_os- EPSS Score: %2.38
- Published: Aug. 16, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2017-5790
A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found.... Read more
Affected Products : intelligent_management_center- EPSS Score: %41.62
- Published: Feb. 15, 2018
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2020-3936
UltraLog Express device management interface does not properly filter user inputted string in some specific parameters, attackers can inject arbitrary SQL command.... Read more
- EPSS Score: %0.42
- Published: Mar. 27, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2020-3924
DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify patch files. Attackers can inject a specific command into a patch file and gain access to the system.... Read more
Affected Products : tat-77104g1_firmware tat-70432n_firmware tat-71416g1_firmware tat-71832g1_firmware tat-76104g3_firmware tat-76108g3_firmware tat-76116g3_firmware tat-76132g3_firmware tat-77104g1 tat-70432n +6 more products- EPSS Score: %0.41
- Published: Feb. 27, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2020-3923
DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET, contain misconfigured authentication mechanism. Attackers can crack the default password and gain access to the system.... Read more
Affected Products : tat-77104g1_firmware tat-70432n_firmware tat-71416g1_firmware tat-71832g1_firmware tat-76104g3_firmware tat-76108g3_firmware tat-76116g3_firmware tat-76132g3_firmware tat-77104g1 tat-70432n +6 more products- EPSS Score: %0.33
- Published: Feb. 27, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2014-2955
Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.... Read more
- EPSS Score: %1.26
- Published: Jul. 14, 2014
- Modified: Apr. 12, 2025
-
10.0
CRITICALCVE-2024-36258
A stack-based buffer overflow vulnerability exists in the touchlist_sync.cgi touchlistsync() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send an HTTP request to... Read more
- Published: Jan. 14, 2025
- Modified: Aug. 21, 2025
- Vuln Type: Memory Corruption
-
10.0
HIGHCVE-2013-4784
The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.... Read more
Affected Products : integrated_lights-out_bmc- EPSS Score: %58.33
- Published: Jul. 08, 2013
- Modified: Apr. 11, 2025