Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2015-9047

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in GNSS when performing a scan after bootup.... Read more

    Affected Products : android
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-9065

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a UE can respond to a UEInformationRequest before Access Stratum security is established.... Read more

    Affected Products : android
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-9073

    In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall.... Read more

    Affected Products : android
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2016-5871

    In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an image file.... Read more

    Affected Products : android
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2014-7858

    The check_login function in D-Link DNR-326 before 2.10 build 03 allows remote attackers to bypass authentication and log in by setting the username cookie parameter to an arbitrary string.... Read more

    Affected Products : dnr-326_firmware dnr-326
    • Published: Aug. 25, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-10832

    "Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.... Read more

    Affected Products : scr02hd_firmware scr02hd
    • Published: Aug. 29, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2021-34080

    OS Command Injection vulnerability in es128 ssl-utils 1.0.0 for Node.js allows attackers to execute arbitrary commands via unsanitized shell metacharacters provided to the createCertRequest() and the createCert() functions.... Read more

    Affected Products : ssl-utils
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-28605

    Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory... Read more

    Affected Products : android iphone_os sound_bar
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-12708

    An Improper Restriction Of Operations Within The Bounds Of A Memory Buffer issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities that allow invalid locations to be referenced for ... Read more

    Affected Products : webaccess
    • Published: Aug. 30, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2021-42875

    TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the file lib/cste_modules/system.so to control the ipDoamin.... Read more

    Affected Products : ex1200t_firmware ex1200t
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-29084

    Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. A remote unauthenticated attacker may potentially exploit this vulnerability to brute-force passwords and gain a... Read more

    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-30914

    H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateMacClone parameter at /goform/aspForm.... Read more

    Affected Products : magic_r100_firmware magic_r100
    • Published: Jun. 08, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-30919

    H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_BasicSSID_5G parameter at /goform/aspForm.... Read more

    Affected Products : magic_r100_firmware magic_r100
    • Published: Jun. 08, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-30922

    H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the EditWlanMacList parameter at /goform/aspForm.... Read more

    Affected Products : magic_r100_firmware magic_r100
    • Published: Jun. 08, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-35081

    Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Indu... Read more

    • Published: Jun. 14, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-20127

    In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersi... Read more

    Affected Products : android
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-20167

    Product: AndroidVersions: Android kernelAndroid ID: A-204956204References: N/A... Read more

    Affected Products : android
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-20825

    A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resultin... Read more

    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-24562

    In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remot... Read more

    Affected Products : iotransfer
    • Published: Jun. 16, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-0856

    Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : webaccess advantech_webaccess
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 293508 Results