Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2016-6949

    Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary ... Read more

    • EPSS Score: %2.16
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-7006

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %5.70
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2011-1853

    tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a (1) large or (2) invalid opcode field, related to a function pointer table.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %15.65
    • Published: May. 13, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-16204

    The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions).... Read more

    • EPSS Score: %5.82
    • Published: Sep. 01, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-1807

    Google Chrome before 11.0.696.71 does not properly handle blobs, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger an out-of-bounds write.... Read more

    Affected Products : chrome
    • EPSS Score: %5.40
    • Published: May. 26, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1854

    Use-after-free vulnerability in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long syslog packet, related to an exception handler.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %18.95
    • Published: May. 13, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1732

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed stutil message.... Read more

    Affected Products : openview_storage_data_protector
    • EPSS Score: %47.13
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1734

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed omniiaputil message.... Read more

    Affected Products : openview_storage_data_protector
    • EPSS Score: %38.90
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2004-0882

    Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.... Read more

    • EPSS Score: %33.01
    • Published: Jan. 27, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0891

    Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded co... Read more

    • EPSS Score: %5.44
    • Published: Jan. 27, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2020-16209

    A malicious attacker could exploit the interface of the Fieldcomm Group HART-IP (release 1.0.0.0) by constructing messages with sufficiently large payloads to overflow the internal buffer and crash the device, or obtain control of the device.... Read more

    • EPSS Score: %0.28
    • Published: May. 19, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-16152

    The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then trave... Read more

    Affected Products : aerohive_netconfig
    • EPSS Score: %84.90
    • Published: Nov. 14, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-10601

    A specific device configuration can result in a commit failure condition. When this occurs, a user is logged in without being prompted for a password while trying to login through console, ssh, ftp, telnet or su, etc., This issue relies upon a device conf... Read more

    Affected Products : junos
    • EPSS Score: %0.42
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-1092

    IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390.... Read more

    Affected Products : informix_open_admin_tool
    • EPSS Score: %76.36
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2011-1566

    Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to execute arbitrary programs via ..\ (dot dot backslash) sequences in opcodes (1) 0xa and (2) 0x17 t... Read more

    Affected Products : igss
    • EPSS Score: %77.66
    • Published: Apr. 05, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1563

    Multiple stack-based buffer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) and earlier allow remote attackers to execute arbitrary code via (1) a long username in an On_FC_CONNECT_FCS_LOGIN packet, and crafted (2) On_FC_C... Read more

    Affected Products : realwin
    • EPSS Score: %58.36
    • Published: Apr. 05, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1567

    Multiple stack-based buffer overflows in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted (... Read more

    Affected Products : igss
    • EPSS Score: %79.00
    • Published: Apr. 05, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2004-1034

    Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header fo... Read more

    Affected Products : linux kaffeine_player gxine
    • EPSS Score: %5.93
    • Published: Mar. 01, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-1568

    Format string vulnerability in the logText function in shmemmgr9.dll in IGSSdataServer.exe 9.00.00.11074, and 9.00.00.11063 and earlier, in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to cause a denial of service and p... Read more

    Affected Products : igss
    • EPSS Score: %51.08
    • Published: Apr. 05, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1564

    Multiple integer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) and earlier allow remote attackers to execute arbitrary code via crafted (1) On_FC_MISC_FCS_MSGBROADCAST and (2) On_FC_MISC_FCS_MSGSEND packets, which trigge... Read more

    Affected Products : realwin
    • EPSS Score: %44.56
    • Published: Apr. 05, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 292626 Results