Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2008-6602

    Unspecified vulnerability in Download Center Lite before 2.1 has unknown impact and attack vectors related to "A minor security fix."... Read more

    Affected Products : download_center_lite
    • Published: Apr. 03, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6566

    Unspecified vulnerability in Octopussy before 0.9.5.8 has unknown impact and attack vectors related to a "major security" vulnerability.... Read more

    Affected Products : octopussy
    • Published: Mar. 31, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6578

    Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors.... Read more

    Affected Products : cs1000
    • Published: Apr. 01, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6536

    Unspecified vulnerability in 7-zip before 4.5.7 has unknown impact and remote attack vectors, as demonstrated by the PROTOS GENOME test suite for Archive Formats (c10).... Read more

    Affected Products : 7-zip
    • Published: Mar. 30, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6444

    Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might allow remote attackers to execute arbitrary code via a crafted packet, probably related to an improper length value.... Read more

    Affected Products : baidu_hi
    • Published: Mar. 09, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6110

    Unspecified vulnerability in SemanticScuttle before 0.90 has unknown impact and attack vectors related to improper validation of parameters to profile.php.... Read more

    Affected Products : semanticscuttle
    • Published: Feb. 11, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6158

    Multiple unspecified vulnerabilities in the admin backend in w3b>cms (aka w3blabor CMS) before 3.2.0 have unknown impact and remote attack vectors.... Read more

    Affected Products : w3b\>cms
    • Published: Feb. 17, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6005

    Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 11.0.1, might allow remote attackers to execute arbitrary code via "duplicated" attribute value inputs.... Read more

    Affected Products : amaya_web_browser
    • Published: Jan. 28, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5911

    Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 and 12.x before 12.0.1 allow remote attackers to (1) cause a denial of service via three crafted RTSP SETUP commands, or execute arbitrary code via (2) an NT... Read more

    Affected Products : helix_server helix_server_mobile
    • Published: Jan. 20, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5982

    Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message.... Read more

    Affected Products : patrol_agent
    • Published: Jan. 27, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5963

    Eval injection vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and earlier allows remote attackers to execute arbitrary PHP code via the objectname parameter.... Read more

    Affected Products : gravity-gtd
    • Published: Jan. 23, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5848

    The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity.... Read more

    • Published: Jan. 06, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5722

    Buffer overflow in SAWStudio 3.9i allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long SAWSTUDIO PREFERENCES STRUCT value in a .prf (preferences) file.... Read more

    Affected Products : sawstudio
    • Published: Dec. 26, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5685

    Sun ScApp firmware 5.18.x, 5.19.x, and 5.20.0 through 5.20.10 on Sun Fire and Netra platforms allows remote attackers to access the System Controller (SC), the system console, and possibly the host OS, and cause a denial of service (shutdown or reboot), v... Read more

    Affected Products : scapp netra sun_fire
    • Published: Dec. 19, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5649

    SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote attackers to execute arbitrary SQL commands via the username parameter.... Read more

    Affected Products : article_manager_pro
    • Published: Dec. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5619

    html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attackers to execute arbitrary code via crafted input that is ... Read more

    Affected Products : webmail phpmailer
    • Published: Dec. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5448

    Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5444 and CVE-2008-... Read more

    Affected Products : secure_backup
    • Published: Jan. 14, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2024-1597

    pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. Ther... Read more

    Affected Products : fedora postgresql_jdbc_driver
    • Published: Feb. 19, 2024
    • Modified: Jun. 12, 2025

  • 10.0

    HIGH
    CVE-2008-5444

    Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5448 and CVE-2008-... Read more

    Affected Products : secure_backup
    • Published: Jan. 14, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5412

    Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows has unknown impact and attack vectors related to JSPs. NOTE: this is probably a duplicate of CVE-2009-0438.... Read more

    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 292814 Results