Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2008-2241

    Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log m...

    • Published: May. 21, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-0279

    Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 4.3 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS13 and (2) APPS14 in the Oracle iLearning component.

    Affected Products : e-business_suite
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2006-0274

    Unspecified vulnerability in the Oracle Reports Developer component of Oracle Application Server 9.0.4.2 and 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# REP03.

    Affected Products : application_server
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2006-0259

    Multiple unspecified vulnerabilities in Oracle Database server 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB04 and (2) DB06 in the (a) Data Pump component; (3) DB10 in the (b) Net Listener component; and (4) DB1...

    Affected Products : database_server
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2006-0226

    Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frames.

    Affected Products : freebsd
    • Published: Jan. 19, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2008-2221

    Unspecified vulnerability in the Java plugin in IBM WebSphere Application Server 5.0.2 allows untrusted applets to gain privileges via unknown attack vectors.

    Affected Products : websphere_application_server
    • Published: May. 14, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-2192

    Static code injection vulnerability in box/minichat/boxpop.php in IT!CMS (aka itcms) 1.9 allows remote attackers to inject arbitrary PHP code into box/MiniChat/data/shouts.php via the shout parameter.

    Affected Products : itcms
    • Published: May. 14, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2019-20217

    D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because SERVER_ID is mishandled. The value of the urn: service/device is checked wit...

    Affected Products : dir-859_firmware dir-859
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2006-0230

    Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.

    Affected Products : antivirus_scan_engine
    • Published: Apr. 25, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2006-0273

    Unspecified vulnerability in the Portal component of Oracle Application Server 9.0.4.2 and 10.1.2.0 has unspecified impact and attack vectors, as identified by Oracle Vuln# AS01.

    Affected Products : application_server
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    CRITICAL
    CVE-2021-32494

    Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allows attackers to create malicious inputs that can cause denial of service.

    Affected Products : radare2
    • Published: Jul. 07, 2023
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-8178

    Insufficient input validation in npm package `jison` <= 0.4.18 may lead to OS command injection attacks.

    Affected Products : jison
    • Published: Jul. 15, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-20215

    D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because HTTP_ST is mishandled. The value of the urn: service/device is checked with th...

    Affected Products : dir-859_firmware dir-859
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2008-2161

    Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a long TFTP error packet. NOTE: some of these details are obtained from third party information.

    Affected Products : all_windows tftp_server_sp
    • Published: May. 12, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-2158

    Multiple stack-based buffer overflows in the Command Line Interface process in the Server Agent in EMC AlphaStor 3.1 SP1 for Windows allow remote attackers to execute arbitrary code via crafted TCP packets to port 41025.

    Affected Products : alphastor alphastor
    • Published: May. 29, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-2157

    robotd in the Library Manager in EMC AlphaStor 3.1 SP1 for Windows allows remote attackers to execute arbitrary commands via an unspecified string field in a packet to TCP port 3500.

    Affected Products : alphastor alphastor
    • Published: May. 29, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-0697

    Zen Cart before 1.2.7 does not protect the admin/includes directory, which allows remote attackers to cause unknown impact via unspecified vectors, probably direct requests.

    Affected Products : zen_cart
    • Published: Feb. 15, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2008-2077

    Unspecified vulnerability in Plain Black WebGUI 7.4.34 has unknown impact and attack vectors related to "data form list view."

    Affected Products : webgui
    • Published: May. 05, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-2064

    Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to "a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems."

    Affected Products : phpgedview
    • Published: May. 02, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-2050

    Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors.

    Affected Products : php
    • Published: May. 05, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 293349 Results