Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2013-6822

    GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue.... Read more

    Affected Products : netweaver
    • EPSS Score: %1.52
    • Published: Nov. 20, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6774

    Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and earlier, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier, and Chainfire SuperSU package before 1.69 for Android 4.2.x ... Read more

    • EPSS Score: %0.37
    • Published: Mar. 31, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-6775

    The Chainfire SuperSU package before 1.69 for Android allows attackers to gain privileges via the (1) backtick or (2) $() type of shell metacharacters in the -c option to /system/xbin/su.... Read more

    Affected Products : android supersu
    • EPSS Score: %0.34
    • Published: Mar. 31, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-6769

    The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android allows attackers to gain privileges via shell metacharacters in the -c option to /system/xbin/su.... Read more

    Affected Products : android superuser
    • EPSS Score: %0.34
    • Published: Mar. 31, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-6671

    The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered lis... Read more

    • EPSS Score: %10.40
    • Published: Dec. 11, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2022-20708

    Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization... Read more

    • Actively Exploited
    • EPSS Score: %11.20
    • Published: Feb. 10, 2022
    • Modified: Mar. 13, 2025

  • 10.0

    HIGH
    CVE-2013-6490

    The SIMPLE protocol functionality in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a negative Content-Length header, which triggers a buffer overflow.... Read more

    Affected Products : pidgin
    • EPSS Score: %57.50
    • Published: Feb. 06, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-0846

    The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via ... Read more

    • EPSS Score: %23.59
    • Published: Apr. 09, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-2130

    Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary c... Read more

    • EPSS Score: %8.39
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6345

    Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 has unknown impact and attack vectors related to an "Application Exception."... Read more

    Affected Products : zenworks_configuration_management
    • EPSS Score: %0.23
    • Published: Nov. 02, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-27744

    An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges.... Read more

    • EPSS Score: %10.41
    • Published: Oct. 29, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-2414

    Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary c... Read more

    • EPSS Score: %13.36
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6288

    Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize."... Read more

    Affected Products : typo3 apache_solr
    • EPSS Score: %0.50
    • Published: Oct. 28, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6245

    Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors.... Read more

    • EPSS Score: %8.93
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6189

    Unspecified vulnerability in the Archive Query Server in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, and 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1666.... Read more

    Affected Products : application_information_optimizer
    • EPSS Score: %42.82
    • Published: Dec. 29, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6034

    The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800B-DU204; Hughes Network Systems 9201, 9450, and 9502; Inmarsat; Japan Radio JUE-250 and JUE-500; and Thuraya IP satellite terminals has hardcoded credentials, which makes it easier for ... Read more

    • EPSS Score: %0.30
    • Published: Feb. 04, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-1372

    Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL.... Read more

    Affected Products : clamav
    • EPSS Score: %11.88
    • Published: Apr. 23, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-2988

    Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a de... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %4.82
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-27660

    SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter.... Read more

    Affected Products : safeaccess
    • EPSS Score: %2.20
    • Published: Nov. 30, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-5944

    The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which allows remote attackers to perform administrative actions... Read more

    • EPSS Score: %1.49
    • Published: Oct. 03, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 292318 Results