Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2006-5352

    Multiple unspecified vulnerabilities in Oracle Application Express 1.5 up to 1.6.1 have unknown impact and remote attack vectors, aka Vuln# (1) APEX04, (2) APEX20, and (3) APEX21.... Read more

    Affected Products : apex
    • EPSS Score: %0.96
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2004-0982

    Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ (at sign) in a URL.... Read more

    Affected Products : mpg123
    • EPSS Score: %8.23
    • Published: Feb. 09, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1573

    Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors, related to "wrap handling."... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.44
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0843

    Buffer overflow in pam_smb and pam_ntdom pluggable authentication modules (PAM) allow remote attackers to execute arbitrary commands via a login with a long user name.... Read more

    Affected Products : pam_smb pam_ntdom
    • EPSS Score: %4.03
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-1383

    Integer overflow in the 16 bit variable reference counter in PHP 4 allows context-dependent attackers to execute arbitrary code by overflowing this counter, which causes the same variable to be destroyed twice, a related issue to CVE-2007-1286.... Read more

    Affected Products : php
    • EPSS Score: %2.90
    • Published: Mar. 10, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0217

    The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which c... Read more

    • EPSS Score: %76.22
    • Published: Feb. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-6605

    Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argumen... Read more

    • EPSS Score: %51.97
    • Published: Dec. 19, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5815

    Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit."... Read more

    Affected Products : proftpd
    • EPSS Score: %59.83
    • Published: Nov. 08, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2000-0762

    The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges.... Read more

    • EPSS Score: %1.04
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0431

    Vulnerability in iPlanet Web Server Enterprise Edition 4.x.... Read more

    Affected Products : iplanet_web_server
    • EPSS Score: %0.48
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1868

    Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell commands via certain form fields.... Read more

    Affected Products : dispair
    • EPSS Score: %11.60
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1520

    The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not properly close the SSH connection when a -N option is provided during authentication, which allows remote attackers to access CLI with administrator privil... Read more

    Affected Products : firebox rapidstream
    • EPSS Score: %0.83
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0304

    one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script.... Read more

    Affected Products : oneorzero_helpdesk
    • EPSS Score: %2.86
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0450

    Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users or remote attackers to execute arbitrary code via format string specifiers in a logfile monitored by log2mail.... Read more

    Affected Products : log2mail
    • EPSS Score: %8.98
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0332

    Extremail 1.5.9 does not check passwords correctly when they are all digits or begin with a digit, which allows remote attackers to gain privileges.... Read more

    Affected Products : extremail
    • EPSS Score: %0.90
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-5370

    Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS06 for Oracle CRM Gateway for Mobile Devices and (2) APPS08 for Oracle iStore.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %2.75
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-3893

    Multiple buffer overflows in the ActiveX controls in Newtone ImageKit 5 before Fix 30 and 6 before Fix 40, as used in CASIO Photo Loader software before 3.01 and possibly other software, allow remote attackers to execute arbitrary code via a crafted HTML ... Read more

    Affected Products : photo_loader imagekit
    • EPSS Score: %19.92
    • Published: Dec. 04, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2137

    Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, as used in Tivoli Universal Agent, Windows OS Monitoring agent, and Enterprise Portal Server, allows remote attackers to execute arbitrary code by sending a lo... Read more

    Affected Products : tivoli_monitoring_express
    • EPSS Score: %27.54
    • Published: Apr. 22, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-3500

    Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.... Read more

    Affected Products : xeforum
    • EPSS Score: %0.84
    • Published: Jun. 29, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-3624

    Heap-based buffer overflow in the Message HTTP Server in SAP Message Server allows remote attackers to execute arbitrary code via a long string in the group parameter to /msgserver/html/group.... Read more

    Affected Products : sap_message_server
    • EPSS Score: %65.41
    • Published: Jul. 09, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 291520 Results