Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2009-1119

    Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow.... Read more

    Affected Products : replistor emc_replistor
    • EPSS Score: %13.07
    • Published: Apr. 15, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0065

    Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large strea... Read more

    Affected Products : linux_kernel
    • EPSS Score: %8.94
    • Published: Jan. 07, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6021

    Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and Server before 7.0 SP1 have unknown impact and attack vectors, aka "security vulnerabilities found by 3rd party analysis."... Read more

    Affected Products : reflection_for_secure_it
    • EPSS Score: %0.40
    • Published: Feb. 02, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5317

    Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperl... Read more

    Affected Products : little_cms_color_engine lcms
    • EPSS Score: %0.95
    • Published: Dec. 03, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5030

    Heap-based buffer overflow in the cddb_read_disc_data function in cddb.c in libcdaudio 0.99.12p2 allows remote CDDB servers to execute arbitrary code via long CDDB data.... Read more

    Affected Products : libcaudio
    • EPSS Score: %6.48
    • Published: Nov. 10, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4193

    Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1 allows remote attackers to execute arbitrary code via a long username parameter.... Read more

    Affected Products : securitygateway
    • EPSS Score: %80.45
    • Published: Sep. 24, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4061

    Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash) or po... Read more

    • EPSS Score: %1.43
    • Published: Sep. 24, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3641

    The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.... Read more

    Affected Products : cups
    • EPSS Score: %55.58
    • Published: Oct. 10, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3112

    Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEn... Read more

    Affected Products : jre sdk jdk
    • EPSS Score: %8.38
    • Published: Jul. 09, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3009

    Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1, 9, and 2008 do not properly use the Service Principal Name (SPN) identifier when validating replies to authentication requests, which allows r... Read more

    • EPSS Score: %41.88
    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2241

    Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log m... Read more

    • EPSS Score: %6.95
    • Published: May. 21, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0339

    Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB01.... Read more

    Affected Products : database_server
    • EPSS Score: %27.19
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-3676

    IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote ad... Read more

    Affected Products : db2
    • EPSS Score: %4.55
    • Published: Feb. 13, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-3216

    Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, ... Read more

    • EPSS Score: %60.17
    • Published: Jun. 14, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-3181

    Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.d... Read more

    Affected Products : firebird netvault firebird
    • EPSS Score: %28.19
    • Published: Jun. 12, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2974

    Buffer overflow in the file parsing engine in Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to execute arbitrary code via a crafted LZH archive file, resulting from an "integer cast around."... Read more

    Affected Products : antivirus antivir av_pack
    • EPSS Score: %20.03
    • Published: Jun. 01, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2124

    Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.4.1.0 has unknown impact and remote attack vectors, aka AS05.... Read more

    Affected Products : application_server
    • EPSS Score: %1.12
    • Published: Apr. 18, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1675

    Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service via a long username.... Read more

    Affected Products : lotus_domino
    • EPSS Score: %46.66
    • Published: Mar. 28, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-6184

    Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.... Read more

    Affected Products : at-tftp
    • EPSS Score: %79.03
    • Published: Dec. 01, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-6183

    Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long mode field (aka transporting mode) in a (1) GET or (2) PUT command.... Read more

    Affected Products : 3ctftpsvc
    • EPSS Score: %40.95
    • Published: Dec. 01, 2006
    • Modified: Apr. 09, 2025
Showing 20 of 291384 Results