Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2002-1360

    Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to ... Read more

    • EPSS Score: %4.13
    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-5360

    Unspecified vulnerability in Oracle Forms component in Oracle Application Server 9.0.4.2 has unknown impact and remote attack vectors, aka Vuln# FORM03.... Read more

    Affected Products : application_server
    • EPSS Score: %0.96
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-1999-0113

    Some implementations of rlogin allow root access if given a -froot parameter.... Read more

    Affected Products : aix
    • EPSS Score: %18.66
    • Published: May. 23, 1994
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0206

    MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.... Read more

    Affected Products : sendmail
    • EPSS Score: %0.50
    • Published: Oct. 01, 1996
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0246

    HP Remote Watch allows a remote user to gain root access.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.73
    • Published: Oct. 01, 1996
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0356

    Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) Rsync,... Read more

    Affected Products : ethereal
    • EPSS Score: %28.41
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-6839

    Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to "criteria for 'bad' redirection targets."... Read more

    Affected Products : phpbb phpbb
    • EPSS Score: %0.43
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0460

    Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations."... Read more

    Affected Products : suse_linux
    • EPSS Score: %0.53
    • Published: Jan. 24, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0449

    Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 allow remote atta... Read more

    • EPSS Score: %81.66
    • Published: Jan. 23, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2001-0053

    One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.... Read more

    Affected Products : netbsd openbsd ftpd-bsd
    • EPSS Score: %15.60
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-1794

    The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, and 10 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. NOTE: this i... Read more

    Affected Products : solaris sunos mozilla
    • EPSS Score: %3.32
    • Published: Apr. 02, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2002-0083

    Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.... Read more

    • EPSS Score: %4.08
    • Published: Mar. 15, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-3193

    lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote attackers to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDA... Read more

    Affected Products : phpwiki phpwiki
    • EPSS Score: %2.55
    • Published: Jun. 12, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2002-1478

    Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode.... Read more

    Affected Products : cacti
    • EPSS Score: %0.59
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-4642

    Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to execute arbitrary code via a long chat (PKT_CHAT) message that is not properly handled by the (1) D_NetPlayerEvent function in d_net.c or the (2) Msg_Writ... Read more

    Affected Products : doomsday
    • EPSS Score: %29.10
    • Published: Aug. 31, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6114

    Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file... Read more

    Affected Products : wireshark
    • EPSS Score: %3.70
    • Published: Nov. 23, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2005-2611

    VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allo... Read more

    • EPSS Score: %81.84
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-6454

    Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.... Read more

    Affected Products : peercast
    • EPSS Score: %25.04
    • Published: Dec. 20, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0348

    Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04.... Read more

    • EPSS Score: %1.72
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2005-3267

    Integer overflow in Skype client before 1.4.x.84 on Windows, before 1.3.x.17 on Mac OS, before 1.2.x.18 on Linux, and 1.1.x.6 and earlier allows remote attackers to cause a denial of service (crash) via crafted network data with a large Object Counter val... Read more

    Affected Products : skype skype
    • EPSS Score: %18.24
    • Published: Oct. 27, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 292110 Results