Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2008-2303

    Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript array indices that trigger an out-o... Read more

    Affected Products : iphone_os safari iphone ipod_touch
    • EPSS Score: %19.35
    • Published: Jul. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2362

    Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateCon... Read more

    Affected Products : x11
    • EPSS Score: %2.08
    • Published: Jun. 16, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-12924

    Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server devices have a default password of sollae for the TELNET service.... Read more

    • EPSS Score: %0.30
    • Published: Jun. 28, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-2240

    Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header... Read more

    Affected Products : lotus_domino
    • EPSS Score: %83.95
    • Published: May. 22, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2023-7221

    A vulnerability was found in Totolink T6 4.1.9cu.5241_B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument ... Read more

    Affected Products : t6_firmware t6
    • EPSS Score: %0.29
    • Published: Jan. 09, 2024
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-0281

    Unspecified vulnerability in Oracle JD Edwards HTML Server 8.95.F1 SP23_L1 has unspecified impact and attack vectors, as identified by Oracle Vuln# JDE01.... Read more

    Affected Products : enterpriseone
    • EPSS Score: %1.48
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0286

    Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.5, and Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, has unspecified impact and attack vectors, as identified by Orac... Read more

    Affected Products : database_server application_server
    • EPSS Score: %1.99
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0277

    Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS01 in the (a) Application Install component; (2) APPS07 in the (b) Oracle Applicatio... Read more

    Affected Products : e-business_suite
    • EPSS Score: %1.45
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2024-0002

    A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.... Read more

    Affected Products : purity\/\/fa
    • Published: Sep. 23, 2024
    • Modified: Sep. 27, 2024

  • 10.0

    HIGH
    CVE-2008-2214

    Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long community string in an SNMP TRAP packet.... Read more

    Affected Products : snmpc
    • EPSS Score: %22.79
    • Published: May. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2241

    Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log m... Read more

    • EPSS Score: %6.95
    • Published: May. 21, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-0279

    Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 4.3 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS13 and (2) APPS14 in the Oracle iLearning component.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %1.48
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0274

    Unspecified vulnerability in the Oracle Reports Developer component of Oracle Application Server 9.0.4.2 and 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# REP03.... Read more

    Affected Products : application_server
    • EPSS Score: %1.99
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0259

    Multiple unspecified vulnerabilities in Oracle Database server 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB04 and (2) DB06 in the (a) Data Pump component; (3) DB10 in the (b) Net Listener component; and (4) DB1... Read more

    Affected Products : database_server
    • EPSS Score: %1.20
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0226

    Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frames.... Read more

    Affected Products : freebsd
    • EPSS Score: %17.28
    • Published: Jan. 19, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-2221

    Unspecified vulnerability in the Java plugin in IBM WebSphere Application Server 5.0.2 allows untrusted applets to gain privileges via unknown attack vectors.... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %1.02
    • Published: May. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2192

    Static code injection vulnerability in box/minichat/boxpop.php in IT!CMS (aka itcms) 1.9 allows remote attackers to inject arbitrary PHP code into box/MiniChat/data/shouts.php via the shout parameter.... Read more

    Affected Products : itcms
    • EPSS Score: %4.25
    • Published: May. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2019-20217

    D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because SERVER_ID is mishandled. The value of the urn: service/device is checked wit... Read more

    Affected Products : dir-859_firmware dir-859
    • EPSS Score: %5.79
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-0230

    Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.... Read more

    Affected Products : antivirus_scan_engine
    • EPSS Score: %28.16
    • Published: Apr. 25, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0273

    Unspecified vulnerability in the Portal component of Oracle Application Server 9.0.4.2 and 10.1.2.0 has unspecified impact and attack vectors, as identified by Oracle Vuln# AS01.... Read more

    Affected Products : application_server
    • EPSS Score: %2.42
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 292510 Results