Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2020-8481

    For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, ... Read more

    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-3079

    The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.... Read more

    • Published: May. 01, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2005-0491

    Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 77 request.... Read more

    Affected Products : arkeia_server_backup
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-3496

    Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 06, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2010-1550

    Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in the sel parameter.... Read more

    Affected Products : openview_network_node_manager
    • Published: May. 13, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2020-15148

    Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.38. A possible workaround without upgrading is available in the linked advisor... Read more

    Affected Products : yii
    • Published: Sep. 15, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2010-4953

    Unspecified vulnerability in the JW Calendar (jw_calendar) extension 1.3.20 and earlier for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : typo3 jw_calendar
    • Published: Oct. 09, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4931

    Directory traversal vulnerability in maincore.php in PHP-Fusion allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder_level parameter. NOTE: this issue has been disputed by a reliable third party... Read more

    Affected Products : php-fusion
    • Published: Oct. 09, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2016-6948

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2010-4773

    Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D 2010.11.15 and 05-10-CA (* 2) 2010.11.15; Hitachi EUR Form Service before 05-10 -/D 2010.11.15; and uCosminexus EUR Form Service before 07-60 -/D 2010.11.15 on Windows, before 05-10 -/D... Read more

    • Published: Mar. 23, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4803

    Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors.... Read more

    Affected Products : mojolicious
    • Published: May. 03, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3545

    Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidential... Read more

    Affected Products : jrockit jre jdk
    • Published: Oct. 19, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4525

    Advantech/BroadWin WebAccess before 7.0 allows remote attackers to trigger the extraction of arbitrary web content into a batch file on a client system, and execute this batch file, via unspecified vectors.... Read more

    Affected Products : advantech_webaccess
    • Published: Feb. 21, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4713

    Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header.... Read more

    Affected Products : groupwise
    • Published: Jan. 31, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4724

    Multiple unspecified vulnerabilities in the parser implementation in Smarty before 3.0.0 RC3 have unknown impact and remote attack vectors.... Read more

    Affected Products : smarty
    • Published: Feb. 03, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4712

    Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon) char... Read more

    Affected Products : groupwise
    • Published: Jan. 31, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4711

    Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command.... Read more

    Affected Products : groupwise
    • Published: Jan. 31, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4744

    Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown impact and attack vectors, a different issue than CVE-2010-3441.... Read more

    Affected Products : fedora abcm2ps
    • Published: Feb. 18, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4524

    Buffer overflow in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via a long string value in unspecified parameters.... Read more

    Affected Products : advantech_webaccess
    • Published: Feb. 21, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4511

    Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 has unknown impact and attack vectors related to the "dynamic publishing error message."... Read more

    Affected Products : movable_type movabletype
    • Published: Dec. 09, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 292795 Results