Latest CVE Feed

The following is the list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, by whether it is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2002-0467

    Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c....

    Affected Products : ecartis listar
    • EPSS Score: %21.83
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2005-0417

    Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a dupli...

    Affected Products : db2_universal_database
    • EPSS Score: %0.55
    • Published: Apr. 27, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2005-2626

    Unspecified vulnerability in Kismet before 2005-08-R1 allows remote attackers to have an unknown impact via unprintable characters in the SSID....

    Affected Products : kismet
    • EPSS Score: %3.94
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2011-2454

    Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory ...

    • EPSS Score: %1.77
    • Published: Nov. 11, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2011-3125

    Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Various security hardening."...

    Affected Products : wordpress
    • EPSS Score: %1.27
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2007-6679

    Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 before Fix Pack 13 has unknown impact and attack vectors, related to "security concerns with monitor role users." NOTE: it was later reported that 6.0.2 befor...

    Affected Products : websphere_application_server
    • EPSS Score: %1.32
    • Published: Jan. 10, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2011-1735

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed bm message....

    Affected Products : openview_storage_data_protector
    • EPSS Score: %46.09
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2008-0947

    Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors....

    Affected Products : kerberos_5
    • EPSS Score: %35.26
    • Published: Mar. 19, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-1167

    Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Generator (Sarg) 2.2.3.1 allows remote attackers to execute arbitrary code via a long Squid proxy server User-Agent header. NOTE: some of these details are obta...

    Affected Products : squid_analysis_report_generator
    • EPSS Score: %13.05
    • Published: Mar. 05, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2016-1118

    Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service...

    • EPSS Score: %5.11
    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2013-5602

    The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows re...

    • EPSS Score: %3.23
    • Published: Oct. 30, 2013
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2016-1909

    Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for th...

    Affected Products : fortios
    • EPSS Score: %79.71
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    CRITICAL
    CVE-2016-1985

    HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library....

    Affected Products : windows operations_manager
    • EPSS Score: %3.23
    • Published: Jan. 30, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2007-1543

    Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection....

    Affected Products : mandrake_linux network_audio_system
    • EPSS Score: %7.70
    • Published: Mar. 20, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2014-6271

    GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand fea...

    • Actively Exploited
    • EPSS Score: %94.14
    • Published: Sep. 24, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2004-1297

    Buffer overflow in the process_font_table function in convert.c for unrtf 0.19.3 allows remote attackers to execute arbitrary code via a crafted RTF file....

    Affected Products : unrtf
    • EPSS Score: %7.76
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2008-0340

    Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to the (1) Advanced Queuing component (DB02) and (2) Oracle Spatial component (DB04)....

    • EPSS Score: %1.72
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2014-7898

    The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via unspecified vectors....

    Affected Products : windows ole_point_of_sale_driver
    • EPSS Score: %28.81
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2014-2874

    PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to execute arbitrary code via shell metacharacters in an unspecified context....

    Affected Products : commonspot_content_server
    • EPSS Score: %4.36
    • Published: Apr. 15, 2014
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2004-0414

    CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code...

    Affected Products : openbsd propack linux openpkg cvs
    • EPSS Score: %5.25
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291398 Results