Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2013-6343

    Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote attackers to execute arbitrary code via the (1) apps_name or (2) apps_flag parameter to APP_Installation.asp.... Read more

    • EPSS Score: %28.28
    • Published: Jan. 22, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-0278

    libuv before 0.10.34 does not properly drop group privileges, which allows context-dependent attackers to gain privileges via unspecified vectors.... Read more

    Affected Products : fedora node.js libuv
    • EPSS Score: %1.59
    • Published: May. 18, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2018-17160

    In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, insufficient bounds checking in one of the device models provided by bhyve can permit a guest operating system to overwrite memory in the bhyve host possibly permitting arbitrary code execution. ... Read more

    Affected Products : freebsd
    • EPSS Score: %0.79
    • Published: Dec. 04, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-20434

    LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $_POST['community'] parameter to html/pages/addhost.inc.php during creation of a new device, and then making a /ajax_output.php?id=capture&format=text&type=snmpwalk&hostna... Read more

    Affected Products : librenms
    • EPSS Score: %66.99
    • Published: Apr. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-10950

    Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X provide insecure telnet services that lack authentication requirements. An attacker who successfully exploits this vulnerabilit... Read more

    • EPSS Score: %1.13
    • Published: Apr. 30, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-2046

    In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is no... Read more

    Affected Products : android
    • EPSS Score: %1.18
    • Published: May. 08, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-19989

    In the /HNAP1/SetQoSSettings message, the uplink parameter is vulnerable, and the vulnerability affects D-Link DIR-822 Rev.B 202KRb06 and DIR-822 Rev.C 3.10B06 devices. In the SetQoSSettings.php source code, the uplink parameter is saved in the /bwc/entry... Read more

    • EPSS Score: %32.75
    • Published: May. 13, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-9871

    Jector Smart TV FM-K75 devices allow remote code execution because there is an adb open port with root permission.... Read more

    Affected Products : fm-k75_firmware fm-k75
    • EPSS Score: %6.89
    • Published: May. 31, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-10515

    STARFACE UCC Client before 6.7.1.204 on WIndows allows binary planting to execute code with System rights, aka usd-2020-0006.... Read more

    • EPSS Score: %0.99
    • Published: Apr. 02, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2020-13702

    The Rolling Proximity Identifier used in the Apple/Google Exposure Notification API beta through 2020-05-29 enables attackers to circumvent Bluetooth Smart Privacy because there is a secondary temporary UID. An attacker with access to Beacon or IoT networ... Read more

    Affected Products : the_rolling_proximity_identifier
    • EPSS Score: %0.54
    • Published: Jun. 11, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-26908

    Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before 1.0.0.30, R6020 before 1.0.0.42, R6050 before 1.0.1.22, JR6150 before 1.0.1.22, R6080 before 1.0.0.42, R6120 before 1.... Read more

    • EPSS Score: %0.63
    • Published: Oct. 09, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-6016

    Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments with negative offsets in function SNP_ReceiveUnreliableSegment(), leading to a Heap-Based Buffer Underflow and a free() of memory not from the heap, resulting i... Read more

    Affected Products : game_networking_sockets
    • EPSS Score: %10.04
    • Published: Nov. 18, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-6939

    Tableau Server installations configured with Site-Specific SAML that allows the APIs to be used by unauthenticated users. If exploited, this could allow a malicious user to configure Site-Specific SAML settings and could lead to account takeover for users... Read more

    Affected Products : tableau_server
    • EPSS Score: %1.36
    • Published: Nov. 23, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2024-10575

    CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enabled on the network and potentially impacting connected devices.... Read more

    Affected Products : ecostruxure_it_gateway
    • Published: Nov. 13, 2024
    • Modified: Nov. 19, 2024

  • 10.0

    CRITICAL
    CVE-2021-21243

    OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deserialize untrusted data from the request body. These endpoints do not enforce any authentication or authorization checks. This ... Read more

    Affected Products : onedev
    • EPSS Score: %2.51
    • Published: Jan. 15, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-8011

    EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with defa... Read more

    • EPSS Score: %15.65
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2022-20170

    Product: AndroidVersions: Android kernelAndroid ID: A-209421931References: N/A... Read more

    Affected Products : android
    • EPSS Score: %0.12
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-1046

    Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary ... Read more

    • EPSS Score: %10.86
    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-3468

    Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Install.... Read more

    Affected Products : agile_engineering_data_management
    • EPSS Score: %3.38
    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1473

    Cisco Small Business 220 devices with firmware before 1.0.1.1 have a hardcoded SNMP community, which allows remote attackers to read or modify SNMP objects by leveraging knowledge of this community, aka Bug ID CSCuz76216.... Read more

    • EPSS Score: %3.11
    • Published: Sep. 02, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291384 Results