Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2008-2388

    Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."... Read more

    Affected Products : opensuse opensuse
    • Published: Jun. 06, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2404

    Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field.... Read more

    Affected Products : java_asp_server
    • Published: Jun. 04, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4188

    Unspecified vulnerability in the TYPO3 Secure Directory (kw_secdir) extension before 1.0.2 allows remote attackers to execute arbitrary code via unknown vectors related to "injection of control characters."... Read more

    Affected Products : secure_directory
    • Published: Sep. 23, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2345

    Unspecified vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering."... Read more

    Affected Products : air_filemanager
    • Published: May. 19, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2303

    Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript array indices that trigger an out-o... Read more

    Affected Products : iphone_os safari iphone ipod_touch
    • Published: Jul. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2362

    Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateCon... Read more

    Affected Products : x11
    • Published: Jun. 16, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-12924

    Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server devices have a default password of sollae for the TELNET service.... Read more

    • Published: Jun. 28, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-2240

    Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header... Read more

    Affected Products : lotus_domino
    • Published: May. 22, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2023-7221

    A vulnerability was found in Totolink T6 4.1.9cu.5241_B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument ... Read more

    Affected Products : t6_firmware t6
    • Published: Jan. 09, 2024
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-0281

    Unspecified vulnerability in Oracle JD Edwards HTML Server 8.95.F1 SP23_L1 has unspecified impact and attack vectors, as identified by Oracle Vuln# JDE01.... Read more

    Affected Products : enterpriseone
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0286

    Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.5, and Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, has unspecified impact and attack vectors, as identified by Orac... Read more

    Affected Products : database_server application_server
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0277

    Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS01 in the (a) Application Install component; (2) APPS07 in the (b) Oracle Applicatio... Read more

    Affected Products : e-business_suite
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2024-0002

    A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.... Read more

    Affected Products : purity\/\/fa
    • Published: Sep. 23, 2024
    • Modified: Sep. 27, 2024

  • 10.0

    HIGH
    CVE-2008-2214

    Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long community string in an SNMP TRAP packet.... Read more

    Affected Products : snmpc
    • Published: May. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2241

    Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log m... Read more

    • Published: May. 21, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-0279

    Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 4.3 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS13 and (2) APPS14 in the Oracle iLearning component.... Read more

    Affected Products : e-business_suite
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0274

    Unspecified vulnerability in the Oracle Reports Developer component of Oracle Application Server 9.0.4.2 and 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# REP03.... Read more

    Affected Products : application_server
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0259

    Multiple unspecified vulnerabilities in Oracle Database server 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB04 and (2) DB06 in the (a) Data Pump component; (3) DB10 in the (b) Net Listener component; and (4) DB1... Read more

    Affected Products : database_server
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0226

    Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frames.... Read more

    Affected Products : freebsd
    • Published: Jan. 19, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-2221

    Unspecified vulnerability in the Java plugin in IBM WebSphere Application Server 5.0.2 allows untrusted applets to gain privileges via unknown attack vectors.... Read more

    Affected Products : websphere_application_server
    • Published: May. 14, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 292803 Results