Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2007-0910

    Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.... Read more

    Affected Products : php secure_linux
    • EPSS Score: %6.35
    • Published: Feb. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0748

    Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP RTSP request.... Read more

    • EPSS Score: %19.69
    • Published: May. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0236

    Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (kernel panic) and possibly execute arbitrary code via a crafted AppleTalk request that trigge... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %49.50
    • Published: Jan. 16, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-6917

    Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which is not properly ... Read more

    • EPSS Score: %49.80
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-6636

    Unspecified vulnerability in the Utility Classes for IBM WebSphere Application Server (WAS) before 5.1.1.13 and 6.x before 6.0.2.17 has unknown impact and attack vectors.... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %1.66
    • Published: Dec. 19, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5855

    Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that beg... Read more

    Affected Products : tivoli_storage_manager
    • EPSS Score: %65.26
    • Published: Dec. 06, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5819

    Verity Ultraseek before 5.7 allows remote attackers to use the server as a proxy for web attacks and host scanning via a direct request to the highlight/index.html script.... Read more

    Affected Products : ultraseek
    • EPSS Score: %6.36
    • Published: Nov. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-3927

    Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 (1) allow remote attackers to execute arbitrary code via unspecified vectors in Imailsec and (2) allow attackers to have an unknown impact via an unspecified vector related to "subscri... Read more

    • EPSS Score: %70.17
    • Published: Jul. 21, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0341

    Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.0.1.5 FIPS+ and 10.1.0.5 has unknown impact and remote attack vectors, aka DB03.... Read more

    Affected Products : database_server
    • EPSS Score: %2.30
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3377

    Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : firefox
    • EPSS Score: %8.22
    • Published: Oct. 29, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2010-4203

    WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames.... Read more

    • EPSS Score: %8.12
    • Published: Nov. 06, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-1497

    radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465.... Read more

    Affected Products : radia_client_automation
    • EPSS Score: %88.26
    • Published: Feb. 16, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2020-3323

    A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper v... Read more

    • EPSS Score: %2.84
    • Published: Jul. 16, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-8418

    Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to ... Read more

    • EPSS Score: %11.15
    • Published: Dec. 10, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2017-16844

    Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded rea... Read more

    Affected Products : procmail
    • EPSS Score: %14.20
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2006-1615

    Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence tha... Read more

    Affected Products : clamav
    • EPSS Score: %36.76
    • Published: Apr. 06, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1041

    Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root privileges.... Read more

    Affected Products : ypbind
    • EPSS Score: %0.39
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0129

    Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request.... Read more

    Affected Products : tinyproxy
    • EPSS Score: %9.56
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-6235

    A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack ... Read more

    • EPSS Score: %8.90
    • Published: Dec. 07, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-1999-1376

    Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands.... Read more

    Affected Products : internet_information_server
    • EPSS Score: %54.89
    • Published: Jan. 14, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 291558 Results