Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2006-4461

    Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the probe settings," which has unknown impact and attack vectors.... Read more

    Affected Products : ipcheck_server_monitor
    • EPSS Score: %0.39
    • Published: Aug. 31, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2020-13159

    Artica Proxy before 4.30.000000 Community Edition allows OS command injection via the Netbios name, Server domain name, dhclient_mac, Hostname, or Alias field. NOTE: this may overlap CVE-2020-10818.... Read more

    Affected Products : artica_proxy
    • EPSS Score: %17.65
    • Published: Jun. 22, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-4309

    VNC server on the AK-Systems Windows Terminal 1.2.5 ExVLP is not password protected, which allows remote attackers to login and view RDP or Citrix sessions.... Read more

    Affected Products : windows_terminal
    • EPSS Score: %0.92
    • Published: Aug. 23, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-4304

    Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly e... Read more

    Affected Products : freebsd netbsd openbsd
    • EPSS Score: %6.86
    • Published: Aug. 24, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-4098

    Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted RADIUS Accounting-Request packet.... Read more

    Affected Products : secure_access_control_server
    • EPSS Score: %14.34
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-4037

    Unspecified vulnerability in Fenestrae Faxination Server allows remote attackers to execute arbitrary code via a crafted packet.... Read more

    Affected Products : faxination_server
    • EPSS Score: %3.67
    • Published: Aug. 09, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-4084

    Unspecified vulnerability in phpAutoMembersArea (phpAMA) before 3.2.4 has unknown impact and attack vectors, related to "a potential security exploit which is critical."... Read more

    Affected Products : phpautomembersarea
    • EPSS Score: %0.39
    • Published: Aug. 11, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-3892

    The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands.... Read more

    Affected Products : networker
    • EPSS Score: %9.45
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-3838

    Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) before 2.5.0, as used in products including (a) Sidewinder, (b) iPolicy Security Manager, (c) Astaro Report Manager, (d) Fortinet FortiReporter, (e) Top Layer Network ... Read more

    Affected Products : enterprise_security_analyzer
    • EPSS Score: %71.53
    • Published: Jul. 27, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-3724

    Unspecified vulnerability in JD Edwards HTML Server for Oracle OneWorld Tools EnterpriseOne Tools 8.95 and 8.96 has unknown impact and attack vectors, aka Oracle Vuln# JDE01.... Read more

    Affected Products : enterpriseone
    • EPSS Score: %3.57
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-3717

    Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unknown impact and attack vectors, aka Oracle Vuln# (1) APPS03 and (2) APPS04 for Oracle Application Object Library; and (3) APPS20 for Oracle XML Gateway.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %3.57
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2020-12775

    Hicos citizen certificate client-side component does not filter special characters for command parameters in specific web URLs. An unauthenticated remote attacker can exploit this vulnerability to perform command injection attack to execute arbitrary syst... Read more

    Affected Products : hicos
    • EPSS Score: %4.04
    • Published: Mar. 01, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-3573

    Format string vulnerability in the WriteText function in agl_text.cpp in Milan Mimica Sparklet 0.9.4 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a player nickname.... Read more

    Affected Products : sparklet
    • EPSS Score: %23.84
    • Published: Jul. 13, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2019-11560

    A buffer overflow vulnerability in the streaming server provided by hisilicon in HI3516 models allows an unauthenticated attacker to remotely run arbitrary code by sending a special RTSP over HTTP packet. The vulnerability was found in many cameras using ... Read more

    Affected Products : hi3516_firmware hi3516
    • EPSS Score: %0.72
    • Published: May. 07, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-3439

    Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.... Read more

    • EPSS Score: %88.96
    • Published: Aug. 09, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2020-12493

    An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... grants root access to the device without access control via network. A malicious user could use this vulnerability to get access to the device and disturb opera... Read more

    Affected Products : cpu_ls4000_firmware
    • EPSS Score: %0.30
    • Published: May. 29, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-4439

    PHP remote file inclusion vulnerability in admin/bin/patch.php in MartinWood Datafeed Studio before 1.6.3 allows remote attackers to execute arbitrary PHP code via a URL in the INSTALL_FOLDER parameter. NOTE: the provenance of this information is unknown;... Read more

    Affected Products : datafeed_studio
    • EPSS Score: %0.76
    • Published: Oct. 03, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2020-12388

    The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.... Read more

    Affected Products : firefox firefox_esr windows
    • EPSS Score: %1.50
    • Published: May. 26, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-3232

    Unspecified vulnerability in IBM WebSphere Application Server before 6.0.2.11 has unknown impact and attack vectors because the "UserNameToken cache was improperly used."... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.53
    • Published: Jun. 27, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2020-12441

    Denial-of-Service (DoS) in Ivanti Service Manager HEAT Remote Control 7.4 due to a buffer overflow in the protocol parser of the ‘HEATRemoteService’ agent. The DoS can be triggered by sending a specially crafted network packet.... Read more

    • EPSS Score: %8.68
    • Published: Aug. 06, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 292518 Results