Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2008-7319

    The Net::Ping::External extension through 0.15 for Perl does not properly sanitize arguments (e.g., invalid hostnames) containing shell metacharacters before use of backticks in External.pm, allowing for shell command injection and arbitrary command execu...

    Affected Products : net-ping-external
    • Published: Nov. 07, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    HIGH
    CVE-2009-0133

    Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers to execute arbitrary code via a .hhp file with a long "Index file" field, possibly a related issue to CVE-2006-0564.

    Affected Products : html_help_workshop
    • Published: Jan. 15, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-7230

    Unspecified vulnerability in Small Footprint CIM Broker (SFCB) before 1.2.5 has unknown impact and attack vectors.

    Affected Products : small_footprint_cim_broker
    • Published: Sep. 14, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-7232

    Buffer overflow in the report function in xtacacsd 4.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted CONNECT TACACS command.

    Affected Products : xtacacsd
    • Published: Sep. 14, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-7148

    Unspecified vulnerability in Synfig Animation Studio before 0.61.08 allows attackers to execute arbitrary code via a crafted .sif file.

    Affected Products : synfigstudio
    • Published: Sep. 01, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-7189

    Multiple unspecified vulnerabilities in Local Media Browser before 0.1 have unknown impact and attack vectors related to "Security holes."

    Affected Products : local_media_browser
    • Published: Sep. 09, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-7190

    Unspecified vulnerability in Adium before 1.2 has unknown impact and attack vectors related to javascript: URLs, possibly cross-site scripting (XSS).

    Affected Products : adium
    • Published: Sep. 09, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-7174

    Multiple buffer overflows in the Jura Internet Connection Kit for the Jura Impressa F90 coffee maker allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors related to improper use of the get...

    • Published: Sep. 08, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-7109

    The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password.

    Affected Products : scanner_file_utility
    • Published: Aug. 28, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-7149

    Unspecified vulnerability in AgileWiki before 0.10.1 has unknown impact and attack vectors related to passwords.

    Affected Products : agilewiki
    • Published: Sep. 01, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-7144

    Multiple unspecified vulnerabilities in RARLAB WinRAR before 3.71 have unknown impact and attack vectors related to crafted (1) ACE, (2) ARJ, (3) BZ2, (4) CAB, (5) GZ, (6) LHA, (7) RAR, (8) TAR, or (9) ZIP files, as demonstrated by the OUSPG PROTOS GENOME...

    Affected Products : winrar
    • Published: Sep. 01, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-7115

    The web interface to the Belkin Wireless G router and ADSL2 modem F5D7632-4V6 with firmware 6.01.08 allows remote attackers to bypass authentication and gain administrator privileges via a direct request to (1) statusprocess.exe, (2) system_all.exe, or (3...

    Affected Products : f5d7632-4 wireless_g_router
    • Published: Aug. 28, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-7031

    Heap-based buffer overflow in Foxit Remote Access Server (aka WAC Server) 2.0 Build 3503 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SSH packets, a different vulnerability than CVE-2008-0151.

    Affected Products : wac_server
    • Published: Aug. 24, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6993

    Siemens Gigaset WLAN Camera 1.27 has an insecure default password, which allows remote attackers to conduct unauthorized activities. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

    Affected Products : gigaset_wlan_camera
    • Published: Aug. 19, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-7122

    Multiple insecure method vulnerabilities in an ActiveX control in (epRegPro.ocx) in Evans Programming Registry Pro allow remote attackers to read and modify sensitive registry keys via the (1) About, (2) CreateKey, (3) DeleteBranch, (4) DeleteKey, (5) Del...

    Affected Products : registry_pro
    • Published: Aug. 31, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-7004

    Buffer overflow in Electronic Logbook (ELOG) before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c.

    Affected Products : elog
    • Published: Aug. 19, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6937

    Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in an xmpp:// URI, a different vector than CVE-2008-6935 and CV...

    Affected Products : exodus
    • Published: Aug. 11, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6935

    Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in an im:// URI.

    Affected Products : exodus
    • Published: Aug. 11, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6916

    Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication via an invalid Host header, possibly involving a trailing dot in the hostname.

    Affected Products : speedstream_5200 netport_software
    • Published: Aug. 07, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6834

    Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.01 and 3.01a allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the s parameter to code/commupdate.php in a count action or (2) the heads paramete...

    Affected Products : fuzzylime_\(cms\)
    • Published: Jun. 22, 2009
    • Modified: Apr. 09, 2025