Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2012-3278

    Stack-based buffer overflow in magentservice.exe in HP Diagnostics Server 8.x through 8.07 and 9.x through 9.21 allows remote attackers to execute arbitrary code via a malformed message packet.... Read more

    Affected Products : diagnostics_server
    • EPSS Score: %41.01
    • Published: Jan. 25, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2006-1882

    Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unknown impact and attack vectors, as identified by Vuln# (1) APPS03 in (a) iProcurement; (2) APPS04 in (b) Oracle Application Object Library; (3) APPS06, (4) AP... Read more

    Affected Products : e-business_suite
    • EPSS Score: %6.29
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1883

    Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite and Applications 11.5.10CU1 has unknown impact and attack vectors, aka Vuln# APPS05.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %0.98
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2012-4705

    Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname.... Read more

    Affected Products : codesys_gateway-server
    • EPSS Score: %70.39
    • Published: Feb. 24, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-4707

    3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access.... Read more

    Affected Products : codesys_gateway-server
    • EPSS Score: %8.42
    • Published: Feb. 24, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2762

    The Schneider Electric Magelis XBT HMI controller has a default password for authentication of configuration uploads, which makes it easier for remote attackers to bypass intended access restrictions via crafted configuration data.... Read more

    Affected Products : magelis_xbt_hmi
    • EPSS Score: %0.08
    • Published: Apr. 04, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-3075

    Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX Component 3, as distributed in Citect CitectFacilities 7.10 and CitectScada 7.10r1, allow remote attackers to execute arbitrary code via a long string, as demonstrated by a long WzTitle pro... Read more

    • EPSS Score: %34.69
    • Published: Apr. 19, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-1221

    The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbitrary code via a crafted (1) HTTP or (2) HTTPS request, ... Read more

    Affected Products : unified_customer_voice_portal
    • EPSS Score: %6.26
    • Published: May. 09, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2781

    Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.... Read more

    Affected Products : codesys_gateway-server
    • EPSS Score: %4.32
    • Published: May. 23, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-1777

    The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute a... Read more

    • EPSS Score: %4.82
    • Published: Jul. 11, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-4031

    The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers has a default password for t... Read more

    • EPSS Score: %2.51
    • Published: Aug. 09, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2802

    The universal protocol implementation in Sixnet UDR before 2.0 and RTU firmware before 4.8 allows remote attackers to execute arbitrary code; read, modify, or create files; or obtain file metadata via function opcodes.... Read more

    Affected Products : udr rtu_firmware
    • EPSS Score: %4.10
    • Published: Aug. 21, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-3607

    Multiple stack-based buffer overflows in the web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F, H8SGL-F, H8SM*, X7SP*, X8DT*, X8SI*, X9DAX-*, X9DB*, X9DR*, X9QR*, X9SBAA-F, X9SC*, X9SP... Read more

    • EPSS Score: %14.30
    • Published: Sep. 08, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2935

    Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.... Read more

    Affected Products : cloudportal_services_manager
    • EPSS Score: %0.42
    • Published: Sep. 12, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-4811

    UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert argument, which allows remote attackers to upload .jsp ... Read more

    • EPSS Score: %83.54
    • Published: Sep. 16, 2013
    • Modified: Apr. 22, 2025

  • 10.0

    HIGH
    CVE-2013-4812

    UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName argument, which allows remote attackers to upload .jsp fi... Read more

    • EPSS Score: %74.00
    • Published: Sep. 16, 2013
    • Modified: Apr. 22, 2025

  • 10.0

    HIGH
    CVE-2013-5403

    Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.0 through 2.5.0.1 allows remote attackers to obtain administrative access via unknown vectors.... Read more

    • EPSS Score: %1.89
    • Published: Sep. 27, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-4042

    Unspecified vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 and 5.0 through FP2 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-5370.... Read more

    • EPSS Score: %19.22
    • Published: Oct. 01, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2006-1879

    Multiple unspecified vulnerabilities in the Email Server component in Oracle Collaboration Suite 9.0.4.2, 10.1.1, 10.1.2.0, and 10.1.2.1 have unknown impact and attack vectors, aka Vuln# (1) OCS01, (2) OCS02, (3) OCS03, and (4) OCS04.... Read more

    Affected Products : collaboration_suite
    • EPSS Score: %4.91
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2013-7095

    The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue.... Read more

    Affected Products : customer_relationship_management
    • EPSS Score: %1.27
    • Published: Dec. 13, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 290940 Results