Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2018-6530

    OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and pre... Read more

    • Actively Exploited
    • EPSS Score: %93.89
    • Published: Mar. 06, 2018
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-2459

    Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory ... Read more

    • EPSS Score: %1.77
    • Published: Nov. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2423

    msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %15.62
    • Published: Aug. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2220

    Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element.... Read more

    Affected Products : file_reporter file_reporter_engine
    • EPSS Score: %28.94
    • Published: Jul. 14, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1806

    Google Chrome before 11.0.696.71 does not properly implement the GPU command buffer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : chrome
    • EPSS Score: %5.40
    • Published: May. 26, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2006-3738

    Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.... Read more

    Affected Products : openssl
    • EPSS Score: %67.23
    • Published: Sep. 28, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-3710

    Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, and 10.1.2.0.0 has unknown impact and attack vectors, aka Oracle Vuln# (1) AS05 and (2) AS08.... Read more

    Affected Products : application_server
    • EPSS Score: %4.23
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-3708

    Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, 10.1.2.0.2, and 10.1.2.1 has unknown impact and attack vectors, aka Oracle Vuln# AS03.... Read more

    Affected Products : application_server
    • EPSS Score: %4.23
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-3705

    Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB21 for Statistics and (2) DB22 for Upgrade & Downgrade. NOTE: as of 20060719, Oracle has not disputed a claim by a reliable re... Read more

    Affected Products : database_server
    • EPSS Score: %3.93
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-1290

    Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vector... Read more

    • EPSS Score: %6.53
    • Published: Mar. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2006-3667

    Unspecified vulnerability in Sybase/Financial Fusion Consumer Banking Suite versions before 20060706 has unknown impact and remote attack vectors.... Read more

    • EPSS Score: %0.48
    • Published: Jul. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-0862

    Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availabili... Read more

    Affected Products : jre jdk
    • EPSS Score: %11.63
    • Published: Jun. 14, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2006-3628

    Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors.... Read more

    Affected Products : enterprise_linux wireshark ethereal
    • EPSS Score: %5.89
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-6292

    Remote Code Execution in Saperion Web Client version 7.5.2 83166.... Read more

    Affected Products : saperion_web_client
    • EPSS Score: %3.58
    • Published: Feb. 13, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-3601

    ** UNVERIFIABLE ** Unspecified vulnerability in an unspecified DNN Modules module for DotNetNuke (.net nuke) allows remote attackers to gain privileges via unspecified vectors, as used in an attack against the Microsoft France web site. NOTE: due to the... Read more

    Affected Products : dotnetnuke
    • EPSS Score: %1.10
    • Published: Jul. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-6213

    In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account.... Read more

    • EPSS Score: %3.10
    • Published: Jun. 20, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-6444

    A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands.... Read more

    • EPSS Score: %4.08
    • Published: Jan. 22, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-3553

    PlaNet Concept planetNews allows remote attackers to bypass authentication and execute arbitrary code via a direct request to news/admin/planetnews.php.... Read more

    Affected Products : planetnews
    • EPSS Score: %6.69
    • Published: Jul. 13, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-6228

    A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system.... Read more

    Affected Products : email_encryption_gateway
    • EPSS Score: %3.65
    • Published: Mar. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-3498

    Stack-based buffer overflow in bootpd in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to execute arbitrary code via a crafted BOOTP request.... Read more

    Affected Products : mac_os_x mac_os_x_server mac_os_x
    • EPSS Score: %9.18
    • Published: Aug. 02, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 292325 Results