Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2022-29560

    A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < 2.15.1), RUGGEDCOM ROX MX5000RE (All versions < 2.15.1), RUGGEDCOM ROX RX1400 (All versions < 2.15.1), RUGGEDCOM ROX RX1500 (All versions < 2.15.1), RUGGEDCOM ROX RX1501 (All vers... Read more

    • EPSS Score: %0.97
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-6359

    QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and execute arbitrary commands via unspecified vectors.... Read more

    Affected Products : qts
    • EPSS Score: %78.13
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2014-4487

    Buffer overflow in IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows attackers to execute arbitrary code in a privileged context via a crafted app.... Read more

    Affected Products : mac_os_x iphone_os tvos
    • EPSS Score: %2.42
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-2830

    Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors.... Read more

    Affected Products : cifs-utils
    • EPSS Score: %3.69
    • Published: Mar. 31, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2012-0444

    Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruptio... Read more

    • EPSS Score: %2.23
    • Published: Feb. 01, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-24384

    A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs) have an unauthenticated Remote Code Execution (RCE) vulnerability that could be used to compromise affected ACOS systems. ACOS versions 3.2.x (including and after 3.2.2), 4.x, and 5... Read more

    • EPSS Score: %5.64
    • Published: Nov. 10, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-0080

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and ap... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %1.85
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0267

    Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) schdParams or (2) nameParams parameter, a different vulnerability than CVE-2011-0266.... Read more

    Affected Products : openview_network_node_manager
    • EPSS Score: %80.16
    • Published: Jan. 13, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-4213

    IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Fo... Read more

    • EPSS Score: %28.94
    • Published: Feb. 24, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-5134

    Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response."... Read more

    Affected Products : linux_kernel
    • EPSS Score: %2.82
    • Published: Nov. 18, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-4652

    Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary code via a (1) SSH or (2) TELNET connection.... Read more

    • EPSS Score: %11.12
    • Published: Aug. 01, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0478

    Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale point... Read more

    Affected Products : chrome chrome_os
    • EPSS Score: %2.52
    • Published: Jan. 14, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-7252

    libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors.... Read more

    Affected Products : phpmyadmin
    • EPSS Score: %3.14
    • Published: Jan. 19, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2017-7811

    Memory safety bugs were reported in Firefox 55. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 56.... Read more

    Affected Products : firefox
    • EPSS Score: %2.63
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-7827

    Memory safety bugs were reported in Firefox 56. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 57.... Read more

    Affected Products : firefox
    • EPSS Score: %2.65
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-0138

    servermgrd (Server Manager) in Apple Mac OS X 10.5.6 does not properly validate authentication credentials, which allows remote attackers to modify the system configuration.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %2.50
    • Published: Feb. 13, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-0815

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affe... Read more

    Affected Products : jre jdk
    • EPSS Score: %7.57
    • Published: Jun. 14, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0873

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, and 5.0 Update 29 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related ... Read more

    Affected Products : jre jdk
    • EPSS Score: %14.99
    • Published: Jun. 14, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2022-24884

    ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, ma... Read more

    Affected Products : fedora debian_linux ecdsautils
    • EPSS Score: %0.09
    • Published: May. 06, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-28900

    Insufficient Verification of Data Authenticity in Nagios Fusion 4.1.8 and earlier and Nagios XI 5.7.5 and earlier allows for Escalation of Privileges or Code Execution as root via vectors related to an untrusted update package to upgrade_to_latest.sh.... Read more

    Affected Products : nagios_xi fusion
    • EPSS Score: %0.47
    • Published: May. 24, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291368 Results