Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2008-7190

    Unspecified vulnerability in Adium before 1.2 has unknown impact and attack vectors related to javascript: URLs, possibly cross-site scripting (XSS).... Read more

    Affected Products : adium
    • Published: Sep. 09, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-7174

    Multiple buffer overflows in the Jura Internet Connection Kit for the Jura Impressa F90 coffee maker allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors related to improper use of the get... Read more

    • Published: Sep. 08, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-7109

    The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password.... Read more

    Affected Products : scanner_file_utility
    • Published: Aug. 28, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-7149

    Unspecified vulnerability in AgileWiki before 0.10.1 has unknown impact and attack vectors related to passwords.... Read more

    Affected Products : agilewiki
    • Published: Sep. 01, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-7144

    Multiple unspecified vulnerabilities in RARLAB WinRAR before 3.71 have unknown impact and attack vectors related to crafted (1) ACE, (2) ARJ, (3) BZ2, (4) CAB, (5) GZ, (6) LHA, (7) RAR, (8) TAR, or (9) ZIP files, as demonstrated by the OUSPG PROTOS GENOME... Read more

    Affected Products : winrar
    • Published: Sep. 01, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-7115

    The web interface to the Belkin Wireless G router and ADSL2 modem F5D7632-4V6 with firmware 6.01.08 allows remote attackers to bypass authentication and gain administrator privileges via a direct request to (1) statusprocess.exe, (2) system_all.exe, or (3... Read more

    Affected Products : f5d7632-4 wireless_g_router
    • Published: Aug. 28, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-7031

    Heap-based buffer overflow in Foxit Remote Access Server (aka WAC Server) 2.0 Build 3503 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SSH packets, a different vulnerability than CVE-2008-0151.... Read more

    Affected Products : wac_server
    • Published: Aug. 24, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6993

    Siemens Gigaset WLAN Camera 1.27 has an insecure default password, which allows remote attackers to conduct unauthorized activities. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.... Read more

    Affected Products : gigaset_wlan_camera
    • Published: Aug. 19, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-7122

    Multiple insecure method vulnerabilities in an ActiveX control in (epRegPro.ocx) in Evans Programming Registry Pro allow remote attackers to read and modify sensitive registry keys via the (1) About, (2) CreateKey, (3) DeleteBranch, (4) DeleteKey, (5) Del... Read more

    Affected Products : registry_pro
    • Published: Aug. 31, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-7004

    Buffer overflow in Electronic Logbook (ELOG) before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c.... Read more

    Affected Products : elog
    • Published: Aug. 19, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6937

    Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in an xmpp:// URI, a different vector than CVE-2008-6935 and CV... Read more

    Affected Products : exodus
    • Published: Aug. 11, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6935

    Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in an im:// URI.... Read more

    Affected Products : exodus
    • Published: Aug. 11, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6916

    Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication via an invalid Host header, possibly involving a trailing dot in the hostname.... Read more

    Affected Products : speedstream_5200 netport_software
    • Published: Aug. 07, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6834

    Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.01 and 3.01a allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the s parameter to code/commupdate.php in a count action or (2) the heads paramete... Read more

    Affected Products : fuzzylime_\(cms\)
    • Published: Jun. 22, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6904

    Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have bee... Read more

    Affected Products : anti-virus anti-virus7.6.3
    • Published: Aug. 06, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6833

    Directory traversal vulnerability in commsrss.php in fuzzylime (cms) before 3.01b allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in a files array element for a blogs action, as demonstrated by the files[0] paramete... Read more

    Affected Products : fuzzylime_\(cms\)
    • Published: Jun. 22, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6824

    The management interface on the A-LINK WL54AP3 and WL54AP2 access points has a blank default password for the admin account, which makes it easier for remote attackers to obtain access.... Read more

    Affected Products : wl54ap2 wl54ap3
    • Published: Jun. 04, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6816

    Eaton MGEOPS Network Shutdown Module before 3.10 Build 13 allows remote attackers to execute arbitrary code by adding a custom action to the MGE frontend via pane_actionbutton.php, and then executing this action via exec_action.php.... Read more

    Affected Products : network_shutdown_module
    • Published: May. 28, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6826

    dhtml.pl in MHF Media Pro allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter, as demonstrated using the (1) advert_top.htm or (2) advert_login.htm pages.... Read more

    Affected Products : ads_pro
    • Published: Jun. 08, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6761

    Static code injection vulnerability in admin/install.php in Flexcustomer 0.0.6 might allow remote attackers to inject arbitrary PHP code into const.inc.php via the installdbname parameter (aka the Database Name field). NOTE: the installation instructions... Read more

    Affected Products : flexcustomer0.0.6
    • Published: Apr. 28, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 292803 Results