Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2020-10835

    An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 (February 2020).... Read more

    Affected Products : exynos
    • Published: Mar. 24, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2005-3254

    The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum... Read more

    Affected Products : cgiwrap
    • Published: Oct. 18, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-3296

    The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in.... Read more

    Affected Products : hp-ux
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-3057

    The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response ha... Read more

    Affected Products : fortios fortigate
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-3059

    Multiple unspecified vulnerabilities in Opera 8.50 on Linux and Windows have unknown impact and attack vectors, related to (1) " handling of must-revalidate cache directive for HTTPS pages" or (2) a "display issue with cookie comment encoding."... Read more

    Affected Products : linux_kernel opera_browser windows
    • Published: Sep. 26, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2020-0690

    An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.... Read more

    • Published: Mar. 12, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-2428

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ... Read more

    Affected Products : jdk jre javafx
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-0646

    A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.... Read more

    • Actively Exploited
    • Published: Jan. 14, 2020
    • Modified: Apr. 04, 2025

  • 10.0

    HIGH
    CVE-2005-2771

    WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restric... Read more

    • Published: Sep. 02, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2020-0610

    A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Rem... Read more

    • Published: Jan. 14, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2005-2758

    Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.... Read more

    • Published: Oct. 05, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-2700

    ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended a... Read more

    Affected Products : ubuntu_linux debian_linux http_server
    • Published: Sep. 06, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2013-2555

    Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Ado... Read more

    • Published: Mar. 11, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-0609

    A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Rem... Read more

    • Published: Jan. 14, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2005-2593

    Parlano MindAlign 5.0 and later versions uses weak encryption, with unknown impact and attack vectors.... Read more

    Affected Products : mindalign
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2020-0380

    In allocExcessBits of bitalloc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: A... Read more

    Affected Products : android
    • Published: Sep. 17, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2005-2286

    WebEOC before 6.0.2 does not properly check user authorization, which allows remote attackers to gain privileges via a direct request to a resource.... Read more

    Affected Products : webeoc
    • Published: Jul. 18, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-2277

    Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename argument of a PUT command.... Read more

    Affected Products : affix
    • Published: Jul. 15, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-2249

    Multiple unknown vulnerabilities in Jinzora 2.0.1 have unknown impact and attack vectors, possibly involving a PHP file inclusion vulnerability.... Read more

    Affected Products : jinzora
    • Published: Jul. 13, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2020-0278

    There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812574... Read more

    Affected Products : android
    • Published: Sep. 17, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 292803 Results