Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-1999-0011

    Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.... Read more

    Affected Products : aix sunos bind netbsd linux unixware openserver open_desktop unix asl_ux_4800 +1 more products
    • EPSS Score: %10.98
    • Published: Apr. 08, 1998
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-1999-0498

    TFTP is not running in a restricted directory, allowing a remote attacker to access sensitive information such as password files.... Read more

    Affected Products :
    • EPSS Score: %1.27
    • Published: Sep. 27, 1991
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0943

    Buffer overflow in OpenLink 3.2 allows remote attackers to gain privileges via a long GET request to the web configurator.... Read more

    Affected Products : openlink
    • EPSS Score: %3.14
    • Published: Oct. 15, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0287

    The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the dbname parameter.... Read more

    Affected Products : technology_bizdb
    • EPSS Score: %5.42
    • Published: Apr. 12, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-2475

    Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute arbitrary code via format string spe... Read more

    Affected Products : onebridge_mobile_data_suite
    • EPSS Score: %4.72
    • Published: Jun. 09, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2451

    Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory ... Read more

    • EPSS Score: %1.77
    • Published: Nov. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2004-0354

    Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary code via format string specifiers in strings passed to (1) the info function in log.c, (2) the anubis_error function in... Read more

    Affected Products : anubis
    • EPSS Score: %6.24
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-2453

    Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory ... Read more

    • EPSS Score: %1.77
    • Published: Nov. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2004-0523

    Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.... Read more

    • EPSS Score: %13.60
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0541

    Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable).... Read more

    Affected Products : squid_web_proxy_cache
    • EPSS Score: %78.28
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-2446

    The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2448.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %5.76
    • Published: Nov. 08, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2004-1012

    The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increme... Read more

    • EPSS Score: %10.24
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-2448

    The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2446.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %5.76
    • Published: Nov. 08, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2447

    Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %5.76
    • Published: Nov. 08, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2004-0987

    Buffer overflow in the process_menu function in yardradius 1.0.20 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : yard_radius yard_radius
    • EPSS Score: %5.48
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-2422

    Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %9.87
    • Published: Aug. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2002-0048

    Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.... Read more

    Affected Products : linux rsync
    • EPSS Score: %69.46
    • Published: Feb. 27, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-2123

    Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.3 up to 10.1.3.2.0, 10.1.2 up to 10.1.2.2.0, and 9.0.4.3 has unknown impact and attack vectors, aka AS04.... Read more

    Affected Products : application_server
    • EPSS Score: %1.12
    • Published: Apr. 18, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-2415

    Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary c... Read more

    • EPSS Score: %13.36
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2002-0495

    csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to execute arbitrary Perl code via the savesetup command and the setup parameter, which overwrites the setup.cgi configuration file that is loaded by csSearch.cgi.... Read more

    Affected Products : cssearch_professional
    • EPSS Score: %15.15
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 292495 Results