Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2020-35191

    The official drupal docker images before 8.5.10-fpm-alpine (Alpine specific) contain a blank password for a root user. System using the drupal docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root a... Read more

    Affected Products : drupal_docker_images
    • EPSS Score: %20.36
    • Published: Dec. 17, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-35195

    The official haproxy docker images before 1.8.18-alpine (Alpine specific) contain a blank password for a root user. System using the haproxy docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root acc... Read more

    Affected Products : haproxy_docker_image
    • EPSS Score: %2.01
    • Published: Dec. 17, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-35185

    The official ghost docker images before 2.16.1-alpine (Alpine specific) contain a blank password for a root user. System using the ghost docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access ... Read more

    Affected Products : ghost_alpine_docker_image
    • EPSS Score: %2.01
    • Published: Dec. 17, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2005-2626

    Unspecified vulnerability in Kismet before 2005-08-R1 allows remote attackers to have an unknown impact via unprintable characters in the SSID.... Read more

    Affected Products : kismet
    • EPSS Score: %3.94
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-2454

    Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory ... Read more

    • EPSS Score: %1.77
    • Published: Nov. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3125

    Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Various security hardening."... Read more

    Affected Products : wordpress
    • EPSS Score: %1.27
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-6679

    Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 before Fix Pack 13 has unknown impact and attack vectors, related to "security concerns with monitor role users." NOTE: it was later reported that 6.0.2 befor... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %1.32
    • Published: Jan. 10, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-1735

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed bm message.... Read more

    Affected Products : openview_storage_data_protector
    • EPSS Score: %46.09
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-0947

    Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors.... Read more

    Affected Products : kerberos_5
    • EPSS Score: %35.26
    • Published: Mar. 19, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-1167

    Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Generator (Sarg) 2.2.3.1 allows remote attackers to execute arbitrary code via a long Squid proxy server User-Agent header. NOTE: some of these details are obta... Read more

    Affected Products : squid_analysis_report_generator
    • EPSS Score: %13.05
    • Published: Mar. 05, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2016-1118

    Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %5.11
    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-5602

    The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows re... Read more

    • EPSS Score: %3.23
    • Published: Oct. 30, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-1543

    Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection.... Read more

    Affected Products : mandrake_linux network_audio_system
    • EPSS Score: %7.70
    • Published: Mar. 20, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2014-3206

    Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the auth_name parameter to localhost/backupmgmt/pre_connect_check.php.... Read more

    • EPSS Score: %92.89
    • Published: Feb. 23, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-6271

    GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand fea... Read more

    • Actively Exploited
    • EPSS Score: %94.22
    • Published: Sep. 24, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2004-1297

    Buffer overflow in the process_font_table function in convert.c for unrtf 0.19.3 allows remote attackers to execute arbitrary code via a crafted RTF file.... Read more

    Affected Products : unrtf
    • EPSS Score: %7.76
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-0340

    Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to the (1) Advanced Queuing component (DB02) and (2) Oracle Spatial component (DB04).... Read more

    • EPSS Score: %1.72
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2014-2874

    PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to execute arbitrary code via shell metacharacters in an unspecified context.... Read more

    Affected Products : commonspot_content_server
    • EPSS Score: %4.36
    • Published: Apr. 15, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-3008

    Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconsole/bpl/snmpd.php.... Read more

    Affected Products : enterprise_backup
    • EPSS Score: %31.66
    • Published: Apr. 28, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2004-0414

    CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code... Read more

    Affected Products : openbsd propack linux openpkg cvs
    • EPSS Score: %5.25
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 292522 Results