Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2007-5606

    Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than C... Read more

    Affected Products : instant_support
    • Published: Jun. 04, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5476

    Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors.... Read more

    Affected Products : flash_player mac_os_x opera_browser
    • Published: Oct. 18, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-3999

    Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-part... Read more

    Affected Products : kerberos_5
    • Published: Sep. 05, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2019-15975

    Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected devi... Read more

    • Published: Jan. 06, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-2442

    The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup... Read more

    Affected Products : ubuntu_linux debian_linux kerberos_5
    • Published: Jun. 26, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2435

    Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of ... Read more

    Affected Products : jre sdk java_enterprise_system
    • Published: May. 02, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2019-15900

    An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On platforms without strtonum(3), sscanf was used without checking for error cases. Instead, the uninitialized variable errstr was checked and in some cases retur... Read more

    Affected Products : doas
    • Published: Oct. 18, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-2281

    Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code v... Read more

    Affected Products : openview_storage_data_protector
    • Published: Dec. 18, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2019-15859

    Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI.... Read more

    Affected Products : diris_a-40_firmware diris_a-40
    • Published: Oct. 09, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-6525

    Unspecified vulnerability in eClient in IBM DB2 Content Manager (CM) Toolkit 8.3 before fix pack 7 for z/OS has unknown impact and attack vectors, related to "scripting."... Read more

    Affected Products : db2_content_manager_toolkit
    • Published: Dec. 27, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6491

    Multiple SQL injection vulnerabilities in Kvaliitti WebDoc 3.0 CMS allow remote attackers to execute arbitrary SQL commands via (1) the cat_id parameter to categories.asp; and probably (2) the document_id parameter to categories.asp, and the (3) cat_id an... Read more

    Affected Products : webdoc_cms
    • Published: Dec. 20, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2001-0223

    Buffer overflow in wwwwais allows remote attackers to execute arbitrary commands via a long QUERY_STRING (HTTP GET request).... Read more

    Affected Products : wwwwais.25.c
    • Published: Mar. 26, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-6456

    Unspecified vulnerability in OpenOffice.org code in Planamesa NeoOffice 2.2.2 before Patch 4 has unknown impact and attack vectors related to MacOS 10.3.9 .odb files. NOTE: it is not clear whether this issue is a vulnerability.... Read more

    Affected Products : neooffice
    • Published: Dec. 20, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6529

    Multiple unspecified vulnerabilities in TikiWiki before 1.9.9 have unknown impact and attack vectors involving (1) tiki-edit_css.php, (2) tiki-list_games.php, or (3) tiki-g-admin_shared_source.php.... Read more

    Affected Products : tikiwiki_cms\/groupware
    • Published: Dec. 27, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6453

    Directory traversal vulnerability in raidenhttpd-admin/workspace.php in RaidenHTTPD 2.0.19, when the WebAdmin function is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ulang parameter.... Read more

    Affected Products : raidenhttpd
    • Published: Dec. 20, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6425

    Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors.... Read more

    Affected Products : hp-ux
    • Published: Jan. 23, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2001-0746

    Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, ... Read more

    Affected Products : one_web_server iplanet_web_server
    • Published: Oct. 18, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2019-15846

    Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.... Read more

    Affected Products : debian_linux exim
    • Published: Sep. 06, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-6337

    Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors.... Read more

    Affected Products : clamav linux
    • Published: Dec. 31, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6293

    Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 6 R1.3 allow attackers to gain privileges via "some HMC commands."... Read more

    Affected Products : hardware_management_console
    • Published: Dec. 10, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 292916 Results