Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2002-0721

    Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator pri... Read more

    Affected Products : sql_server sql_server data_engine
    • EPSS Score: %54.35
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0779

    Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %80.72
    • Published: Oct. 18, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0029

    Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other versions) allows remote attackers to execute arbitrary commands via a long host or domain name that is obtained from a reverse DNS lookup.... Read more

    Affected Products : oops_proxy_server
    • EPSS Score: %7.07
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0945

    The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.... Read more

    Affected Products : catalyst_3500_xl
    • EPSS Score: %87.93
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0554

    NFS exports system-critical data to the world, e.g. / or a password file.... Read more

    Affected Products :
    • EPSS Score: %25.26
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0368

    Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.... Read more

    • EPSS Score: %48.33
    • Published: Feb. 09, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-0910

    Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.... Read more

    Affected Products : php secure_linux
    • EPSS Score: %6.35
    • Published: Feb. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0748

    Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP RTSP request.... Read more

    • EPSS Score: %19.69
    • Published: May. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0236

    Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (kernel panic) and possibly execute arbitrary code via a crafted AppleTalk request that trigge... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %49.50
    • Published: Jan. 16, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-6917

    Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which is not properly ... Read more

    • EPSS Score: %49.80
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-6636

    Unspecified vulnerability in the Utility Classes for IBM WebSphere Application Server (WAS) before 5.1.1.13 and 6.x before 6.0.2.17 has unknown impact and attack vectors.... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %1.66
    • Published: Dec. 19, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5855

    Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that beg... Read more

    Affected Products : tivoli_storage_manager
    • EPSS Score: %65.26
    • Published: Dec. 06, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5819

    Verity Ultraseek before 5.7 allows remote attackers to use the server as a proxy for web attacks and host scanning via a direct request to the highlight/index.html script.... Read more

    Affected Products : ultraseek
    • EPSS Score: %6.36
    • Published: Nov. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-3927

    Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 (1) allow remote attackers to execute arbitrary code via unspecified vectors in Imailsec and (2) allow attackers to have an unknown impact via an unspecified vector related to "subscri... Read more

    • EPSS Score: %70.17
    • Published: Jul. 21, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0341

    Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.0.1.5 FIPS+ and 10.1.0.5 has unknown impact and remote attack vectors, aka DB03.... Read more

    Affected Products : database_server
    • EPSS Score: %2.30
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3377

    Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : firefox
    • EPSS Score: %8.22
    • Published: Oct. 29, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2010-4203

    WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames.... Read more

    • EPSS Score: %8.12
    • Published: Nov. 06, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-1497

    radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465.... Read more

    Affected Products : radia_client_automation
    • EPSS Score: %88.26
    • Published: Feb. 16, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-3323

    A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper v... Read more

    • EPSS Score: %2.84
    • Published: Jul. 16, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-8418

    Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to ... Read more

    • EPSS Score: %11.15
    • Published: Dec. 10, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291360 Results