Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2011-1867

    Stack-based buffer overflow in iNodeMngChecker.exe in the User Access Manager (UAM) 5.0 before SP1 E0101P03 and Endpoint Admission Defense (EAD) 5.0 before SP1 E0101P03 components in HP Intelligent Management Center (aka iNode Management Center) allows re... Read more

    • EPSS Score: %45.84
    • Published: Jul. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0994

    Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter (NFR) before 1.0.2 allows remote attackers to execute arbitrary code via unspecified XML data.... Read more

    Affected Products : file_reporter
    • EPSS Score: %29.44
    • Published: Apr. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2465

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and a... Read more

    • Actively Exploited
    • EPSS Score: %93.56
    • Published: Jun. 18, 2013
    • Modified: May. 06, 2025

  • 10.0

    HIGH
    CVE-2011-0078

    Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application ... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %3.13
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0056

    Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving exception timing and a large number of string valu... Read more

    Affected Products : firefox seamonkey
    • EPSS Score: %6.96
    • Published: Mar. 02, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4462

    Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availabi... Read more

    Affected Products : jre sdk jdk
    • EPSS Score: %7.41
    • Published: Feb. 17, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-2107

    Unspecified vulnerability in Google Chrome before 5.0.375.55 allows attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the Safe Browsing functionality.... Read more

    Affected Products : chrome
    • EPSS Score: %0.35
    • Published: May. 28, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1769

    WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (applicati... Read more

    • EPSS Score: %5.48
    • Published: Jun. 18, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-0886

    Unspecified vulnerability in the Java Deployment Toolkit component in Oracle Java SE and Java for Business JDK and JRE 6 Update 10 through 19 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.... Read more

    Affected Products : windows jre jdk
    • EPSS Score: %80.97
    • Published: Apr. 20, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1552

    Stack-based buffer overflow in the doLoad function in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the act and app parameters.... Read more

    Affected Products : openview_network_node_manager
    • EPSS Score: %82.08
    • Published: May. 13, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-0445

    Unspecified vulnerability in HP Network Node Manager (NNM) 8.10, 8.11, 8.12, and 8.13 allows remote attackers to execute arbitrary commands via unknown vectors.... Read more

    Affected Products : network_node_manager
    • EPSS Score: %1.88
    • Published: Feb. 11, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-0138

    Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlier on Windows, as distributed in CiscoWorks LAN Management Solution (LMS), allows remote attackers to execute arbitrary code via a malformed getProcessName CORBA Gener... Read more

    • EPSS Score: %10.86
    • Published: Jan. 21, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-4178

    Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter.... Read more

    Affected Products : openview_network_node_manager
    • EPSS Score: %86.10
    • Published: Dec. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-4124

    Heap-based buffer overflow in the rb_str_justify function in string.c in Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving (1) String#ljust, (2) String#center, or (3) String#rjust. ... Read more

    Affected Products : ruby
    • EPSS Score: %2.05
    • Published: Dec. 11, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-4012

    Multiple integer overflows in LibThai before 0.1.13 might allow context-dependent attackers to execute arbitrary code via long strings that trigger heap-based buffer overflows, related to (1) thbrk/thbrk.c and (2) thwbrk/thwbrk.c. NOTE: some of these det... Read more

    Affected Products : libthai
    • EPSS Score: %2.26
    • Published: Jan. 19, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-3854

    Buffer overflow in the traditional client scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7 and 5.4 before 5.4.2 allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : tivoli_storage_manager
    • EPSS Score: %10.70
    • Published: Nov. 04, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3710

    RioRey RIOS 4.6.6 and 4.7.0 uses an undocumented, hard-coded username (dbadmin) and password (sq!us3r) for an SSH tunnel, which allows remote attackers to gain privileges via port 8022.... Read more

    Affected Products : rios
    • EPSS Score: %2.78
    • Published: Oct. 16, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2853

    Wordpress before 2.8.3 allows remote attackers to gain privileges via a direct request to (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7)... Read more

    Affected Products : wordpress
    • EPSS Score: %1.35
    • Published: Aug. 18, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2459

    Multiple unspecified vulnerabilities in mimeTeX, when downloaded before 20090713, have unknown impact and attack vectors related to the (1) \environ, (2) \input, and (3) \counter TeX directives.... Read more

    Affected Products : mimetex
    • EPSS Score: %0.47
    • Published: Jul. 14, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-1979

    Unspecified vulnerability in the Network Authentication component in Oracle Database 10.1.0.5 and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained fro... Read more

    Affected Products : database_server
    • EPSS Score: %85.75
    • Published: Oct. 22, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 291275 Results