Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2017-7376

    Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.... Read more

    Affected Products : android debian_linux libxml2
    • Published: Feb. 19, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-7269

    Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in ... Read more

    • Actively Exploited
    • Published: Mar. 27, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    CRITICAL
    CVE-2025-24865

    The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password.... Read more

    Affected Products : mypro
    • Published: Feb. 13, 2025
    • Modified: Mar. 04, 2025
    • Vuln Type: Authentication

  • 10.0

    HIGH
    CVE-2006-5369

    Unspecified vulnerability in Oracle Application Object Library in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote authenticated attack vectors, aka Vuln# APPS02.... Read more

    Affected Products : e-business_suite
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5374

    Unspecified vulnerability in Oracle Pharmaceutical Applications 4.5.1 has unknown impact and remote authenticated attack vectors, aka Vuln# PHAR01.... Read more

    Affected Products : pharmaceutical
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5365

    Unspecified vulnerability in Oracle Forms in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and E-Business Suite and Applications 11.5.10CU2, has unknown impact and remote attack vectors, aka Vuln# FORM02.... Read more

    Affected Products : e-business_suite application_server
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5354

    Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and 10.1.0.5, Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0, racle Collaboration Suite 9.0.4.2 and 10.1.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impac... Read more

    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2017-5815

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.... Read more

    Affected Products : intelligent_management_center
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-5358

    Unspecified vulnerability in Oracle Forms component in Oracle Application Server 9.0.4.3 and 10.1.2.0.2 has unknown impact and remote attack vectors, aka Vuln# FORM01.... Read more

    Affected Products : application_server
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2017-5638

    The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a craf... Read more

    • Actively Exploited
    • Published: Mar. 11, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2006-5357

    Unspecified vulnerability in Oracle HTTP Server component in Oracle Application Server 10.1.2.0.1, 10.1.2.0.2, and 10.1.2.1.0 has unknown impact and remote attack vectors related to the PHP Module, aka Vuln# OHS03.... Read more

    Affected Products : application_server
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5348

    Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, Oracle Collaboration Suite 9.0.4.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS05.... Read more

    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5269

    Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, probably related to an RPC interface.... Read more

    Affected Products : serverprotect serverprotect
    • Published: Nov. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2017-3089

    Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF imaging model. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : digital_editions
    • Published: Jun. 20, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2022-25448

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the day parameter in the openSchedWifi function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-5288

    Cisco 2700 Series Wireless Location Appliances before 2.1.34.0 have a default administrator username "root" and password "password," which allows remote attackers to obtain administrative privileges, aka Bug ID CSCsb92893.... Read more

    Affected Products : 2700_wireless_location_appliance
    • Published: Oct. 13, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2017-2637

    A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyo... Read more

    Affected Products : openstack
    • Published: Jul. 26, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-6092

    Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.... Read more

    Affected Products : ingate_firewall ingate_siparator
    • Published: Nov. 22, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5238

    Unspecified vulnerability in the file upload module in Blue Smiley Organizer before 4.45 has unknown impact and attack vectors.... Read more

    Affected Products : blue_smiley_organizer
    • Published: Oct. 12, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5171

    Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SU... Read more

    • Published: Jan. 16, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 293259 Results