Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as the CISA KEV List), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2008-6904

    Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have bee...

    Affected Products : anti-virus anti-virus7.6.3
    • Published: Aug. 06, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6833

    Directory traversal vulnerability in commsrss.php in fuzzylime (cms) before 3.01b allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in a files array element for a blogs action, as demonstrated by the files[0] paramete...

    Affected Products : fuzzylime_\(cms\)
    • Published: Jun. 22, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6824

    The management interface on the A-LINK WL54AP3 and WL54AP2 access points has a blank default password for the admin account, which makes it easier for remote attackers to obtain access....

    Affected Products : wl54ap2 wl54ap3
    • Published: Jun. 04, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6816

    Eaton MGEOPS Network Shutdown Module before 3.10 Build 13 allows remote attackers to execute arbitrary code by adding a custom action to the MGE frontend via pane_actionbutton.php, and then executing this action via exec_action.php....

    Affected Products : network_shutdown_module
    • Published: May. 28, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6826

    dhtml.pl in MHF Media Pro allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter, as demonstrated using the (1) advert_top.htm or (2) advert_login.htm pages....

    Affected Products : ads_pro
    • Published: Jun. 08, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6761

    Static code injection vulnerability in admin/install.php in Flexcustomer 0.0.6 might allow remote attackers to inject arbitrary PHP code into const.inc.php via the installdbname parameter (aka the Database Name field). NOTE: the installation instructions...

    Affected Products : flexcustomer0.0.6
    • Published: Apr. 28, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6602

    Unspecified vulnerability in Download Center Lite before 2.1 has unknown impact and attack vectors related to "A minor security fix."...

    Affected Products : download_center_lite
    • Published: Apr. 03, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6566

    Unspecified vulnerability in Octopussy before 0.9.5.8 has unknown impact and attack vectors related to a "major security" vulnerability....

    Affected Products : octopussy
    • Published: Mar. 31, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6578

    Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors....

    Affected Products : cs1000
    • Published: Apr. 01, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6536

    Unspecified vulnerability in 7-zip before 4.5.7 has unknown impact and remote attack vectors, as demonstrated by the PROTOS GENOME test suite for Archive Formats (c10)....

    Affected Products : 7-zip
    • Published: Mar. 30, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6444

    Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might allow remote attackers to execute arbitrary code via a crafted packet, probably related to an improper length value....

    Affected Products : baidu_hi
    • Published: Mar. 09, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6110

    Unspecified vulnerability in SemanticScuttle before 0.90 has unknown impact and attack vectors related to improper validation of parameters to profile.php....

    Affected Products : semanticscuttle
    • Published: Feb. 11, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6158

    Multiple unspecified vulnerabilities in the admin backend in w3b>cms (aka w3blabor CMS) before 3.2.0 have unknown impact and remote attack vectors....

    Affected Products : w3b\>cms
    • Published: Feb. 17, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6005

    Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 11.0.1, might allow remote attackers to execute arbitrary code via "duplicated" attribute value inputs....

    Affected Products : amaya_web_browser
    • Published: Jan. 28, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5911

    Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 and 12.x before 12.0.1 allow remote attackers to (1) cause a denial of service via three crafted RTSP SETUP commands, or execute arbitrary code via (2) an NT...

    Affected Products : helix_server helix_server_mobile
    • Published: Jan. 20, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5982

    Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message....

    Affected Products : patrol_agent
    • Published: Jan. 27, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5963

    Eval injection vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and earlier allows remote attackers to execute arbitrary PHP code via the objectname parameter....

    Affected Products : gravity-gtd
    • Published: Jan. 23, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5848

    The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity....

    • Published: Jan. 06, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5722

    Buffer overflow in SAWStudio 3.9i allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long SAWSTUDIO PREFERENCES STRUCT value in a .prf (preferences) file....

    Affected Products : sawstudio
    • Published: Dec. 26, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5685

    Sun ScApp firmware 5.18.x, 5.19.x, and 5.20.0 through 5.20.10 on Sun Fire and Netra platforms allows remote attackers to access the System Controller (SC), the system console, and possibly the host OS, and cause a denial of service (shutdown or reboot), v...

    Affected Products : scapp netra sun_fire
    • Published: Dec. 19, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 293331 Results