Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2010-0476

    The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reb... Read more

    • Published: Apr. 14, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-0425

    modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAP... Read more

    • Published: Mar. 05, 2010
    • Modified: Jul. 24, 2025

  • 10.0

    HIGH
    CVE-2018-5915

    Exception in Modem IP stack while processing IPv6 packet in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 712 / SD 710 / SD 670, SD 820, SD... Read more

    • Published: Jan. 18, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-2807

    ASPwebSoft Speedy Asp Discussion Forum allows remote attackers to change the password of any account via a modified account id and possibly arbitrary values of the name, email, country, password, and passwordre parameters to profileupdate.asp.... Read more

    Affected Products : speedy_asp_discussion_forum
    • Published: Jun. 05, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2009-4180

    Stack-based buffer overflow in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header.... Read more

    Affected Products : openview_network_node_manager
    • Published: Dec. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-4176

    Multiple heap-based buffer overflows in ovsessionmgr.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter to ovlogin.exe.... Read more

    Affected Products : openview_network_node_manager
    • Published: Dec. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-2869

    Unspecified vulnerability in the CHM unpacker in avast! before 4.7.844 has unknown impact and remote attack vectors.... Read more

    Affected Products : avast_antivirus
    • Published: Jun. 06, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2009-3953

    The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDec... Read more

    • Actively Exploited
    • Published: Jan. 13, 2010
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3846

    Multiple heap-based buffer overflows in ovlogin.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter.... Read more

    Affected Products : openview_network_node_manager
    • Published: Dec. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3732

    Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : player server workstation ace windows
    • Published: Apr. 12, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-3699

    Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to proce... Read more

    Affected Products : aix vios
    • Published: Oct. 15, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3517

    nfs.ext in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly use the nfs_portmon setting, which allows remote attackers to bypass intended access restrictions for NFSv4 shares via unspecified vectors.... Read more

    Affected Products : aix
    • Published: Oct. 01, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3071

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unkno... Read more

    Affected Products : firefox
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3070

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : firefox
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2017-7108

    An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged con... Read more

    Affected Products : iphone_os tvos watchos
    • Published: Oct. 23, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2018-5782

    A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the vsethos... Read more

    Affected Products : connect_onsite st14.2
    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-5768

    A remote, unauthenticated attacker can gain remote code execution on the the Tenda AC15 router with a specially crafted password parameter for the COOKIE header.... Read more

    Affected Products : ac15_firmware ac15_firmware ac15
    • Published: Mar. 20, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-5780

    A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the vnewmee... Read more

    Affected Products : connect_onsite st14.2
    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-5770

    An issue was discovered on Tenda AC15 devices. A remote, unauthenticated attacker can make a request to /goform/telnet, creating a telnetd service on the device. This service is password protected; however, several default accounts exist on the device tha... Read more

    Affected Products : ac15_firmware ac15_firmware ac15
    • Published: Mar. 20, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-2466

    The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2) JS_... Read more

    Affected Products : firefox thunderbird
    • Published: Jul. 22, 2009
    • Modified: Jun. 25, 2025
Showing 20 of 292795 Results