Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2008-2689

    PHP remote file inclusion vulnerability in pub/clients.php in BrowserCRM 5.002.00 allows remote attackers to execute arbitrary PHP code via a URL in the bcrm_pub_root parameter.

    Affected Products : browsercrm
    • EPSS Score: %13.09
    • Published: Jun. 13, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    CRITICAL
    CVE-2018-1000825

    FreeCol version <= nightly-2018-08-22 contains an XML External Entity (XXE) vulnerability in FreeColXMLReader parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appears to be exploitable via Freeco...

    Affected Products : freecol
    • EPSS Score: %0.24
    • Published: Dec. 20, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2008-2638

    Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php.

    Affected Products : 1-book
    • EPSS Score: %4.65
    • Published: Jun. 10, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2019-20478

    In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unaware of the need to use methods such as safe_load in thes...

    Affected Products : ruamel.yaml
    • EPSS Score: %7.26
    • Published: Feb. 19, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2008-4223

    Podcast Producer in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to bypass authentication and gain administrative access via unspecified vectors.

    Affected Products : mac_os_x_server
    • EPSS Score: %1.67
    • Published: Dec. 17, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-4220

    Integer overflow in the inet_net_pton API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. NOTE: this may be related to the...

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.89
    • Published: Dec. 17, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-4208

    Unspecified vulnerability in OSADS Alliance Database before 2.1 has unknown impact and attack vectors, possibly related to includes/functions.php, a different issue than CVE-2006-2874.

    Affected Products : osads_alliance_database
    • EPSS Score: %0.38
    • Published: Sep. 24, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-2481

    PHP remote file inclusion vulnerability in authentication/phpbb3/phpbb3.functions.php in phpRaider 1.0.7 and 1.0.7a, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the pConfig_auth[phpbb_path] paramete...

    Affected Products : phpraider
    • EPSS Score: %3.84
    • Published: May. 28, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-4212

    Unspecified vulnerability in rlogind in the rlogin component in Mac OS X 10.4.11 and 10.5.5 applies hosts.equiv entries to root despite what is stated in documentation, which might allow remote attackers to bypass intended access restrictions.

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.80
    • Published: Oct. 10, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-2474

    Buffer overflow in x87 before 3.5.5 in ABB Process Communication Unit 400 (PCU400) 4.4 through 4.6 allows remote attackers to execute arbitrary code via a crafted packet using the (1) IEC60870-5-101 or (2) IEC60870-5-104 communication protocol to the X87 ...

    Affected Products : pcu400
    • EPSS Score: %37.60
    • Published: Sep. 29, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-2469

    Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 before 1.2.8 allows remote attackers to execute arbitrary code via a long DNS TXT record with a modified length field.

    Affected Products : libspf2
    • EPSS Score: %38.62
    • Published: Oct. 23, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-2468

    Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) in LANDesk Management Suite, Security Suite, and Server Manager 8.8 and earlier allow remote attackers to execute arbitrary code via a crafted heal request, related to the StringToMap a...

    • EPSS Score: %47.12
    • Published: Sep. 18, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-2486

    Unspecified vulnerability in eMule Plus before 1.2d has unknown impact and attack vectors related to "staticservers.dat processing."

    Affected Products : emule_plus
    • EPSS Score: %0.40
    • Published: May. 28, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2019-20451

    The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. (Authentication is required but an XML file containing credentials ca...

    • EPSS Score: %12.49
    • Published: Feb. 10, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2008-2424

    Unspecified vulnerability in the 404 error page for the "Standard demo" in Interchange before 5.6.0 and before 5.5.2 has unknown impact and attack vectors.

    Affected Products : interchange
    • EPSS Score: %0.40
    • Published: May. 23, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-1038

    Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string.

    Affected Products : securecrt securefx
    • EPSS Score: %3.33
    • Published: Mar. 07, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2008-2388

    Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."

    Affected Products : opensuse opensuse
    • EPSS Score: %0.34
    • Published: Jun. 06, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-2404

    Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field.

    Affected Products : java_asp_server
    • EPSS Score: %12.95
    • Published: Jun. 04, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-4188

    Unspecified vulnerability in the TYPO3 Secure Directory (kw_secdir) extension before 1.0.2 allows remote attackers to execute arbitrary code via unknown vectors related to "injection of control characters."

    Affected Products : secure_directory
    • EPSS Score: %3.48
    • Published: Sep. 23, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-2345

    Unspecified vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering."

    Affected Products : air_filemanager
    • EPSS Score: %0.86
    • Published: May. 19, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 292508 Results