Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2013-1320

    Buffer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Buffer Overflow Vulnerability."... Read more

    Affected Products : publisher
    • EPSS Score: %59.58
    • Published: May. 15, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-1372

    Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and ... Read more

    • EPSS Score: %4.19
    • Published: Feb. 12, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2002-1478

    Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode.... Read more

    Affected Products : cacti
    • EPSS Score: %0.59
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2013-1375

    Heap-based buffer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Androi... Read more

    • EPSS Score: %10.64
    • Published: Mar. 13, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-4642

    Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to execute arbitrary code via a long chat (PKT_CHAT) message that is not properly handled by the (1) D_NetPlayerEvent function in d_net.c or the (2) Msg_Writ... Read more

    Affected Products : doomsday
    • EPSS Score: %29.10
    • Published: Aug. 31, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-1330

    The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute, which allows remote attackers to execute arbitrary code by l... Read more

    • EPSS Score: %67.30
    • Published: Sep. 11, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-24918

    A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated attacker to send a crafted RTSP request, with a long digest authentication header, to execute arbitrary code in parse_authentication_header() in l... Read more

    Affected Products : oryx_rtsp_server
    • EPSS Score: %13.03
    • Published: Apr. 30, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-6114

    Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file... Read more

    Affected Products : wireshark
    • EPSS Score: %3.70
    • Published: Nov. 23, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2005-2611

    VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allo... Read more

    • EPSS Score: %81.84
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-6454

    Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.... Read more

    Affected Products : peercast
    • EPSS Score: %25.04
    • Published: Dec. 20, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-1221

    The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbitrary code via a crafted (1) HTTP or (2) HTTPS request, ... Read more

    Affected Products : unified_customer_voice_portal
    • EPSS Score: %6.26
    • Published: May. 09, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-0348

    Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04.... Read more

    • EPSS Score: %1.72
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2005-3267

    Integer overflow in Skype client before 1.4.x.84 on Windows, before 1.3.x.17 on Mac OS, before 1.2.x.18 on Linux, and 1.1.x.6 and earlier allows remote attackers to cause a denial of service (crash) via crafted network data with a large Object Counter val... Read more

    Affected Products : skype skype
    • EPSS Score: %18.24
    • Published: Oct. 27, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-0067

    Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the Op... Read more

    Affected Products : openview_network_node_manager
    • EPSS Score: %74.62
    • Published: Jan. 08, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0122

    Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via ... Read more

    Affected Products : freebsd bind
    • EPSS Score: %2.01
    • Published: Jan. 16, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0247

    Heap-based buffer overflow in the Express Backup Server service (dsmsvc.exe) in IBM Tivoli Storage Manager (TSM) Express 5.3 before 5.3.7.3 allows remote attackers to execute arbitrary code via a packet with a large length value.... Read more

    Affected Products : tivoli_storage_manager_express
    • EPSS Score: %36.03
    • Published: Jan. 12, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2016-3657

    Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to cause a denial of service (device crash) or possibly execute arbitrary code... Read more

    Affected Products : pan-os
    • EPSS Score: %3.03
    • Published: Apr. 12, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-24634

    An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility C... Read more

    Affected Products : arubaos sd-wan 9004 9004-lte 9012 7005 7008 7010 7024 7030 +5 more products
    • EPSS Score: %0.24
    • Published: Dec. 11, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-24652

    A addvsiinterfaceinfo expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %2.83
    • Published: Oct. 19, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-24639

    There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host ope... Read more

    Affected Products : airwave_glass
    • EPSS Score: %0.74
    • Published: Jan. 15, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292719 Results