Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2008-0014

    Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-200... Read more

    Affected Products : serverprotect serverprotect
    • Published: Nov. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0013

    Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-200... Read more

    Affected Products : serverprotect serverprotect
    • Published: Nov. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0027

    Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote at... Read more

    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0012

    Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-200... Read more

    Affected Products : serverprotect serverprotect
    • Published: Nov. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6711

    Unspecified vulnerability in customer.php in FreeWebshop.org 2.2.5, 2.2.6 and 2.2.7WIP1/2 allows remote attackers to gain administrator privileges via unknown vectors.... Read more

    Affected Products : freewebshop
    • Published: Mar. 24, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6686

    The URL rewrite module in Menalto Gallery before 2.2.4 allows attackers to include and execute arbitrary local files via unknown vectors related to the admin controller.... Read more

    Affected Products : gallery
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6685

    Unspecified vulnerability in the Publish XP module Menalto Gallery before 2.2.4 allows attackers to create albums and upload files via unknown vectors.... Read more

    Affected Products : gallery_publish_xp_module
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6690

    The Gallery Remote module in Menalto Gallery before 2.2.4 does not check permissions for unspecified GR commands, which has unknown impact and attack vectors.... Read more

    Affected Products : gallery
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6721

    The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed ... Read more

    • Published: Mar. 30, 2009
    • Modified: May. 12, 2025

  • 10.0

    HIGH
    CVE-2007-6688

    Unspecified vulnerability in the Installation application in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to "web-accessibility protection of the storage folder."... Read more

    Affected Products : gallery
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6691

    Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to (1) "hotlink protection" in the URL rewrite module, (2) a WebDAV view in the WebDAV module, (3) a comment view in the Comment module, (4) unspecified "ite... Read more

    Affected Products : gallery
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2025-20265

    A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.  This vulnerabilit... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 16, 2025
    • Vuln Type: Injection

  • 10.0

    HIGH
    CVE-2007-6757

    GE Healthcare Centricity DMS 4.2, 4.1, and 4.0 has a password of Muse!Admin for the Museadmin user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or prod... Read more

    Affected Products : centricity_dms_firmware
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2007-6732

    Multiple buffer overflows in the dtt_load function in loaders/dtt_load.c Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors related to an untrusted length value and the (1) pofs and (2) ... Read more

    • Published: Sep. 13, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-3268

    Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483.... Read more

    Affected Products : php
    • Published: Aug. 25, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3122

    Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Media security."... Read more

    Affected Products : wordpress
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3106

    The WebSockets implementation in Google Chrome before 19.0.1084.52 does not properly handle use of SSL, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : chrome
    • Published: May. 24, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3003

    Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-o... Read more

    Affected Products : firefox seamonkey
    • Published: Sep. 29, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2997

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary c... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Sep. 29, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2992

    The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly e... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 293508 Results