Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2006-3498

    Stack-based buffer overflow in bootpd in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to execute arbitrary code via a crafted BOOTP request.... Read more

    Affected Products : mac_os_x mac_os_x_server mac_os_x
    • EPSS Score: %9.18
    • Published: Aug. 02, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-0081

    Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.17 and 4.x before 4.0.1, and Thunderbird 3.1.x before 3.1.10, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly ex... Read more

    Affected Products : firefox thunderbird
    • EPSS Score: %3.73
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0066

    Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mObserverList.... Read more

    Affected Products : firefox seamonkey
    • EPSS Score: %4.22
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3342

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deploymen... Read more

    Affected Products : jdk jre jre jdk
    • EPSS Score: %8.54
    • Published: Feb. 02, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2006-3441

    Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response. NOTE: while MS06-041 implies that there is a single issue, there... Read more

    • EPSS Score: %74.29
    • Published: Aug. 09, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2010-4221

    Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server.... Read more

    Affected Products : proftpd
    • EPSS Score: %89.72
    • Published: Nov. 09, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-3972

    Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial o... Read more

    Affected Products : internet_information_services iis
    • EPSS Score: %90.90
    • Published: Dec. 23, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-3558

    Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.... Read more

    Affected Products : jre jdk
    • EPSS Score: %5.16
    • Published: Oct. 19, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-3552

    Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.... Read more

    Affected Products : jre jdk
    • EPSS Score: %82.66
    • Published: Oct. 19, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2006-3203

    The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator login account and password, which allows remote attackers to gain privileges.... Read more

    Affected Products : ultimate_php_board
    • EPSS Score: %1.24
    • Published: Jun. 24, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2010-2521

    Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service (panic) or possibly execute arbitrary code via a crafted NFSv4 compound WR... Read more

    Affected Products : linux_kernel
    • EPSS Score: %2.49
    • Published: Sep. 07, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-2445

    freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) mod... Read more

    Affected Products : freeciv
    • EPSS Score: %1.60
    • Published: Jul. 08, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1551

    Stack-based buffer overflow in the _OVParseLLA function in ov.dll in netmon.exe in Network Monitor in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the sel parameter.... Read more

    Affected Products : openview_network_node_manager
    • EPSS Score: %18.26
    • Published: May. 13, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1233

    Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an unspecified impact via vectors involving WebKit JavaScript objects.... Read more

    Affected Products : chrome
    • EPSS Score: %1.83
    • Published: Apr. 01, 2010
    • Modified: Jun. 25, 2025

  • 10.0

    HIGH
    CVE-2018-5997

    An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted upload feature and a path traversal vulnerability, it is possible to upload a file on a filesystem with root privileges: this will lead to remote code executi... Read more

    Affected Products : filehub_firmware
    • EPSS Score: %24.86
    • Published: Jan. 25, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2010-0476

    The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reb... Read more

    • EPSS Score: %49.07
    • Published: Apr. 14, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-0425

    modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAP... Read more

    • EPSS Score: %87.45
    • Published: Mar. 05, 2010
    • Modified: Jul. 24, 2025

  • 10.0

    HIGH
    CVE-2018-5915

    Exception in Modem IP stack while processing IPv6 packet in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 712 / SD 710 / SD 670, SD 820, SD... Read more

    • EPSS Score: %0.22
    • Published: Jan. 18, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-2807

    ASPwebSoft Speedy Asp Discussion Forum allows remote attackers to change the password of any account via a modified account id and possibly arbitrary values of the name, email, country, password, and passwordre parameters to profileupdate.asp.... Read more

    Affected Products : speedy_asp_discussion_forum
    • EPSS Score: %3.74
    • Published: Jun. 05, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2009-4180

    Stack-based buffer overflow in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header.... Read more

    Affected Products : openview_network_node_manager
    • EPSS Score: %33.83
    • Published: Dec. 10, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 292425 Results