Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2013-6881

    CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) sector size or (2) skip count fields for the forensic imaging task.... Read more

    • Published: Jan. 07, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6838

    An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse Interactive IVR Pro (VIP2000) 9.0.3 (rel903), when using OpenVZ and fallback customization, uses the same SSH private key across different customers' installations, whic... Read more

    Affected Products : ivr_pro vzkernel
    • Published: Jan. 28, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6822

    GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue.... Read more

    Affected Products : netweaver
    • Published: Nov. 20, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6774

    Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and earlier, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier, and Chainfire SuperSU package before 1.69 for Android 4.2.x ... Read more

    • Published: Mar. 31, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-6775

    The Chainfire SuperSU package before 1.69 for Android allows attackers to gain privileges via the (1) backtick or (2) $() type of shell metacharacters in the -c option to /system/xbin/su.... Read more

    Affected Products : android supersu
    • Published: Mar. 31, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-6769

    The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android allows attackers to gain privileges via shell metacharacters in the -c option to /system/xbin/su.... Read more

    Affected Products : android superuser
    • Published: Mar. 31, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-6671

    The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered lis... Read more

    • Published: Dec. 11, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2022-20708

    Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization... Read more

    • Actively Exploited
    • Published: Feb. 10, 2022
    • Modified: Mar. 13, 2025

  • 10.0

    HIGH
    CVE-2013-6490

    The SIMPLE protocol functionality in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a negative Content-Length header, which triggers a buffer overflow.... Read more

    Affected Products : pidgin
    • Published: Feb. 06, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-0846

    The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via ... Read more

    • Published: Apr. 09, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-2130

    Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary c... Read more

    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6345

    Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 has unknown impact and attack vectors related to an "Application Exception."... Read more

    Affected Products : zenworks_configuration_management
    • Published: Nov. 02, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-27744

    An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges.... Read more

    • Published: Oct. 29, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-2414

    Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary c... Read more

    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6288

    Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize."... Read more

    Affected Products : typo3 apache_solr
    • Published: Oct. 28, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6245

    Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors.... Read more

    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6189

    Unspecified vulnerability in the Archive Query Server in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, and 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1666.... Read more

    Affected Products : application_information_optimizer
    • Published: Dec. 29, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-6034

    The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800B-DU204; Hughes Network Systems 9201, 9450, and 9502; Inmarsat; Japan Radio JUE-250 and JUE-500; and Thuraya IP satellite terminals has hardcoded credentials, which makes it easier for ... Read more

    • Published: Feb. 04, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-1372

    Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL.... Read more

    Affected Products : clamav
    • Published: Apr. 23, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-2988

    Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a de... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 293509 Results