Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2009-5154

    An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of meinsm for the admin account.... Read more

    Affected Products : s14_firmware s14
    • Published: Feb. 09, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-14070

    An issue was discovered in MK-AUTH 19.01. There is authentication bypass in the web login functionality because guessable credentials to admin/executar_login.php result in admin access.... Read more

    Affected Products : mk-auth
    • Published: Jun. 29, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-5143

    GE Healthcare Discovery 530C has a password of #bigguy1 for the (1) acqservice user and (2) wsservice user of the Xeleris System, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or depen... Read more

    Affected Products : discovery_530c_firmware
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2009-5071

    Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has unknown impact and attack vectors related to an "included contact template file."... Read more

    Affected Products : palm_pre_webos
    • Published: Apr. 19, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-5074

    Unspecified vulnerability in the MojoX::Dispatcher::Static implementation in Mojolicious before 0.991250 has unknown impact and attack vectors.... Read more

    Affected Products : mojolicious
    • Published: May. 03, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-4584

    Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the p_mode variable.... Read more

    Affected Products : bitchx
    • Published: Aug. 29, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-4988

    Stack-based buffer overflow in NT_Naming_Service.exe in SAP Business One 2005 A 6.80.123 and 6.80.320 allows remote attackers to execute arbitrary code via a long GIOP request to TCP port 30000.... Read more

    Affected Products : business_one_2005-a
    • Published: Aug. 25, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2024-11317

    Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3... Read more

    • Published: Dec. 05, 2024
    • Modified: Apr. 10, 2025

  • 10.0

    HIGH
    CVE-2013-0650

    Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Andr... Read more

    • Published: Mar. 13, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-4873

    Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service (server crash) or execute arbitrary code via a long Session cookie.... Read more

    Affected Products : serv-u
    • Published: May. 26, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0615

    Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0617, and CV... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Jan. 10, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2662

    Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message.... Read more

    Affected Products : groupwise
    • Published: Oct. 08, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-6112

    Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : wireshark
    • Published: Nov. 23, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2020-17407

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of aut... Read more

    Affected Products : bullet-lte_firmware bullet-lte
    • Published: Oct. 13, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2024-11186

    On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-pre... Read more

    Affected Products : cloudvision_portal
    • Published: May. 08, 2025
    • Modified: May. 12, 2025
    • Vuln Type: Authorization

  • 10.0

    HIGH
    CVE-2009-4741

    Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unknown impact and attack vectors.... Read more

    Affected Products : windows skype
    • Published: Mar. 26, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-3120

    Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers... Read more

    • Published: Jul. 09, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2008-2799

    Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown ... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Jul. 07, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2012-5086

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ... Read more

    Affected Products : jdk jre jre jdk
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-6493

    The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMesh 7.1.0.x and earlier allows remote attackers to execute arbitrary code via a certain argument to the SetHandler method.... Read more

    Affected Products : imesh
    • Published: Dec. 20, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 293261 Results