Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2008-4615

    Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors.... Read more

    Affected Products : portalapp
    • EPSS Score: %0.34
    • Published: Oct. 20, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4630

    Multiple unspecified vulnerabilities in Midgard Components (MidCOM) Framework before 8.09.1 have unknown impact and attack vectors.... Read more

    Affected Products : midgard_components_framework
    • EPSS Score: %0.38
    • Published: Oct. 21, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4556

    Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request.... Read more

    Affected Products : solaris
    • EPSS Score: %79.31
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4526

    Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php, (2) forums.php, (3) admin.php, (4) header.php, (5) pages/story.php and ... Read more

    Affected Products : ccms
    • EPSS Score: %1.98
    • Published: Oct. 09, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4557

    plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 (aka Strawberry) allows remote attackers to execute arbitrary PHP code via the text parameter, which is inserted into an executable regular expression.... Read more

    Affected Products : cutenews
    • EPSS Score: %8.28
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4559

    HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via shell metacharacters in argument fields to the (1) webappmon.exe or (2) OpenView5.exe CGI program. NOTE: this issue may be partially cove... Read more

    Affected Products : openview_network_node_manager
    • EPSS Score: %3.97
    • Published: Feb. 08, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4541

    Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request.... Read more

    Affected Products : java_system_web_proxy_server
    • EPSS Score: %15.79
    • Published: Oct. 13, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4588

    Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, possibly 3.26, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to the ABOR command.... Read more

    Affected Products : eserv
    • EPSS Score: %9.26
    • Published: Oct. 15, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4563

    Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attac... Read more

    • EPSS Score: %37.04
    • Published: Mar. 11, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2012-2023

    Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026.... Read more

    Affected Products : illustrator illustrator_cs5.5
    • EPSS Score: %25.02
    • Published: May. 09, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-4478

    Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) Netware Core Protocol opcode 0x... Read more

    Affected Products : edirectory
    • EPSS Score: %65.89
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4502

    Multiple PHP remote file inclusion vulnerabilities in DataFeedFile (DFF) PHP Framework API allow remote attackers to execute arbitrary PHP code via a URL in the DFF_config[dir_include] parameter to (1) DFF_affiliate_client_API.php, (2) DFF_featured_prdt.f... Read more

    Affected Products : dff_framework_api
    • EPSS Score: %1.10
    • Published: Oct. 09, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4479

    Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header.... Read more

    Affected Products : edirectory
    • EPSS Score: %31.88
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5025

    Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.2 have unknown impact and attack vectors.... Read more

    Affected Products : simple_http_scanner
    • EPSS Score: %0.39
    • Published: Sep. 27, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5024

    Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.4 have unknown impact and attack vectors.... Read more

    Affected Products : simple_http_scanner
    • EPSS Score: %0.48
    • Published: Sep. 27, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-4902

    The NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 does not properly check for chained commands, which allows remote attackers to execute arbitrary commands by appending malici... Read more

    • EPSS Score: %8.92
    • Published: Dec. 14, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2020-13300

    GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.23
    • Published: Sep. 14, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-4691

    Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname.... Read more

    Affected Products : windows_2000 windows_xp
    • EPSS Score: %88.89
    • Published: Nov. 14, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-4509

    Integer overflow in the evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request.... Read more

    Affected Products : edirectory
    • EPSS Score: %44.87
    • Published: Oct. 24, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-4461

    Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the probe settings," which has unknown impact and attack vectors.... Read more

    Affected Products : ipcheck_server_monitor
    • EPSS Score: %0.39
    • Published: Aug. 31, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 292425 Results