Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    CRITICAL
    CVE-2023-28849

    GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.7, GLPI inventory endpoint can be used to drive a SQL injection attack. It can also be used to store malicious code that could be used to perform... Read more

    Affected Products : glpi
    • EPSS Score: %0.43
    • Published: Apr. 05, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2019-25136

    A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox < 70.... Read more

    Affected Products : firefox
    • EPSS Score: %0.32
    • Published: Jun. 19, 2023
    • Modified: Dec. 11, 2024

  • 10.0

    HIGH
    CVE-2008-3691

    Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMw... Read more

    Affected Products : player server workstation ace
    • EPSS Score: %1.64
    • Published: Sep. 03, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3576

    Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained fr... Read more

    Affected Products : openttd
    • EPSS Score: %13.18
    • Published: Aug. 10, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3553

    Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition devices allow remote attackers to execute arbitrary code via unknown vectors, probably related to MIDP privilege escalation and persistent MIDlets, aka "ISSUES 3-10." NOTE: as of 20080807... Read more

    Affected Products : series_40 j2me
    • EPSS Score: %5.15
    • Published: Aug. 08, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3551

    Multiple unspecified vulnerabilities in Sun Java Platform Micro Edition (aka Java ME, J2ME, or mobile Java), as distributed in Sun Wireless Toolkit 2.5.2, allow remote attackers to execute arbitrary code via unknown vectors. NOTE: as of 20080807, the onl... Read more

    • EPSS Score: %5.43
    • Published: Aug. 08, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3552

    Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition FP1, and possibly later devices, allow remote attackers to execute arbitrary code via unknown vectors, probably related to MIDP privilege escalation and persistent MIDlets, aka "ISSUES 11... Read more

    Affected Products : series_40
    • EPSS Score: %5.15
    • Published: Aug. 08, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3453

    Multiple unspecified vulnerabilities in ImpressCMS 1.0 have unknown impact and attack vectors, related to modules/admin.php and "a few files."... Read more

    Affected Products : impresscms
    • EPSS Score: %0.33
    • Published: Aug. 04, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3455

    PHP remote file inclusion vulnerability in include/admin.php in JnSHosts PHP Hosting Directory 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the rd parameter.... Read more

    Affected Products : php_hosting_directory
    • EPSS Score: %1.30
    • Published: Aug. 04, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3411

    The Axesstel AXW-D800 modem with D2_ETH_109_01_VEBR Jun-14-2006 software does not require authentication for (1) etc/config/System.html, (2) etc/config/Network.html, (3) etc/config/Security.html, (4) cgi-bin/sysconf.cgi, and (5) cgi-bin/route.cgi, which a... Read more

    Affected Products : akw-d800
    • EPSS Score: %0.80
    • Published: Jul. 31, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2019-20893

    An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11. PartyHost_HandleJoinPartyRequest has a buffer overflow vulnerability and can be exploited by using a crafted joinParty packet. This can be utilized to co... Read more

    Affected Products : call_of_duty_modern_warfare_2
    • EPSS Score: %0.60
    • Published: Jun. 30, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-3376

    Multiple unspecified vulnerabilities in JamRoom before 3.4.0 have unknown impact and attack vectors.... Read more

    Affected Products : jamroom
    • EPSS Score: %0.38
    • Published: Jul. 30, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3479

    Heap-based buffer overflow in the Microsoft Message Queuing (MSMQ) service (mqsvc.exe) in Microsoft Windows 2000 SP4 allows remote attackers to read memory contents and execute arbitrary code via a crafted RPC call, related to improper processing of param... Read more

    Affected Products : office windows_2000
    • EPSS Score: %65.92
    • Published: Oct. 15, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-0874

    Multiple unspecified vulnerabilities in Intensive Point iUser Ecommerce before 2.2 have unspecified vectors and impact, as addressed by "Urgent secure fixes". NOTE: this might be a duplicate of CVE-2006-0854, but the vendor announcement for this issue (f... Read more

    Affected Products : iuser_ecommerce
    • EPSS Score: %0.43
    • Published: Feb. 24, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-3349

    Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to in... Read more

    • EPSS Score: %3.12
    • Published: Jul. 28, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3335

    Unspecified vulnerability in PunBB before 1.2.19 allows remote attackers to inject arbitrary SMTP commands via unknown vectors.... Read more

    Affected Products : punbb
    • EPSS Score: %2.42
    • Published: Jul. 27, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3225

    Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix."... Read more

    Affected Products : joomla
    • EPSS Score: %0.03
    • Published: Jul. 18, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3252

    Stack-based buffer overflow in the read_article function in getarticle.c in newsx 1.6 allows remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period.... Read more

    Affected Products : fedora newsx
    • EPSS Score: %25.94
    • Published: Jul. 21, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2004-1289

    Multiple buffer overflows in (1) the getline function in pcalutil.c and (2) the get_holiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file.... Read more

    Affected Products : pcal
    • EPSS Score: %19.28
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-3159

    Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "... Read more

    Affected Products : edirectory
    • EPSS Score: %15.11
    • Published: Jul. 14, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 292733 Results