Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2013-6884

    The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default "ditto" username and password, which allows remote attackers to gain privileges.

    • EPSS Score: %40.27
    • Published: Jan. 07, 2014
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2013-6881

    CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) sector size or (2) skip count fields for the forensic imaging task.

    • EPSS Score: %41.21
    • Published: Jan. 07, 2014
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2013-5667

    The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter.

    • EPSS Score: %2.60
    • Published: Jan. 24, 2014
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2013-7248

    Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, as demonstrated using a cmdWebCheckRole action in a TSA_...

    Affected Products : ts-550_evo_firmware ts-550_evo
    • EPSS Score: %11.84
    • Published: Jan. 26, 2014
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2013-6034

    The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800B-DU204; Hughes Network Systems 9201, 9450, and 9502; Inmarsat; Japan Radio JUE-250 and JUE-500; and Thuraya IP satellite terminals has hardcoded credentials, which makes it easier for ...

    • EPSS Score: %0.30
    • Published: Feb. 04, 2014
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2005-1365

    Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL with multiple leading "/" (slash) characters and ".." sequences.

    Affected Products : pico_server
    • EPSS Score: %7.34
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2014-0787

    Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet.

    Affected Products : kingscada kingview
    • EPSS Score: %53.62
    • Published: Apr. 12, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2013-6218

    Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.

    Affected Products : network_node_manager_i
    • EPSS Score: %31.62
    • Published: Apr. 19, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2013-4730

    Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USER command.

    Affected Products : pcman\'s_ftp_server
    • EPSS Score: %75.87
    • Published: May. 15, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2006-1880

    Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors, as identified by Vuln# (1) APPS01 in the (a) Application Install component; (2) APPS09 in the (b) Oracle Diagnostics Interf...

    Affected Products : e-business_suite
    • EPSS Score: %2.30
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2014-3791

    Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows remote attackers to execute arbitrary code via a long string in a cookie UserID parameter to vfolder.ghp.

    Affected Products : easy_file_sharing_web_server
    • EPSS Score: %77.23
    • Published: May. 20, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2014-3936

    Stack-based buffer overflow in the do_hnap function in www/my_cgi.cgi in D-Link DSP-W215 (Rev. A1) with firmware 1.01b06 and earlier, DIR-505 with firmware before 1.08b10, and DIR-505L with firmware 1.01 and earlier allows remote attackers to execute arbi...

    • EPSS Score: %86.28
    • Published: Jun. 02, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2012-5390

    The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does not properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job.

    Affected Products : condor
    • EPSS Score: %1.87
    • Published: Jun. 06, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2014-4152

    The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to execute arbitrary code via a crafted remote_task request, related to injecting an ssh public key.

    • EPSS Score: %11.38
    • Published: Jun. 18, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2012-5106

    Stack-based buffer overflow in FreeFloat FTP Server 1.0 allows remote authenticated users to execute arbitrary code via a long string in a PUT command.

    Affected Products : freefloat_ftp_server
    • EPSS Score: %31.05
    • Published: Jun. 20, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2014-3073

    Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote attackers to execute arbitrary code via unknown vectors.

    • EPSS Score: %11.99
    • Published: Jun. 21, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2014-4648

    Unspecified vulnerability in Piwigo before 2.6.3 has unknown impact and attack vectors, related to a "security failure."

    Affected Products : piwigo
    • EPSS Score: %0.44
    • Published: Jun. 28, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2014-3914

    Directory traversal vulnerability in the Admin Center for Tivoli Storage Manager (TSM) in Rocket ServerGraph 1.2 allows remote attackers to (1) create arbitrary files via a .. (dot dot) in the query parameter in a writeDataFile action to the fileRequestor...

    Affected Products : rocket_servergraph
    • EPSS Score: %81.11
    • Published: Aug. 07, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2014-0609

    Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 SP1 before Scheduled Maintenance Update 9415 and 11 SP2 before Scheduled Maintenance Update 9413 for Linux has unknown impact and attack vectors.

    • EPSS Score: %0.21
    • Published: Aug. 17, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2014-4823

    The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system comman...

    • EPSS Score: %7.64
    • Published: Oct. 03, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 290940 Results