Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2018-5439

    A Command Injection issue was discovered in Nortek Linear eMerge E3 series Versions V0.32-07e and prior. A remote attacker may be able to execute arbitrary code on a target machine with elevated privileges.... Read more

    Affected Products : emerge_e3_firmware emerge_e3
    • Published: Feb. 19, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-4404

    The IPv6 Neighbor Discovery Protocol (NDP) implementation on IBM zSeries servers does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic... Read more

    Affected Products : zseries
    • Published: Oct. 03, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4038

    Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted... Read more

    • Published: Oct. 15, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-5399

    The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running. The Dropbear server is configured with a hard-coded user name and password combination of root / amroot. Th... Read more

    • Published: Oct. 08, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-5409

    The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and executes the code without sufficiently verifying the origin and integrity of the code. An attacker can execute malicious code by compromising the host server, ... Read more

    Affected Products : print_management
    • Published: May. 08, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-3466

    Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to ... Read more

    • Published: Oct. 15, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2798

    Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown ... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Jul. 07, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-5262

    A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and earlier allows unauthenticated remote attackers to execute arbitrary code in the context of a highly privileged account.... Read more

    Affected Products : diskboss
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-1882

    Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unknown impact and attack vectors, as identified by Vuln# (1) APPS03 in (a) iProcurement; (2) APPS04 in (b) Oracle Application Object Library; (3) APPS06, (4) AP... Read more

    Affected Products : e-business_suite
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1879

    Multiple unspecified vulnerabilities in the Email Server component in Oracle Collaboration Suite 9.0.4.2, 10.1.1, 10.1.2.0, and 10.1.2.1 have unknown impact and attack vectors, aka Vuln# (1) OCS01, (2) OCS02, (3) OCS03, and (4) OCS04.... Read more

    Affected Products : collaboration_suite
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-0346

    Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.... Read more

    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0318

    Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based b... Read more

    Affected Products : clamav
    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0296

    Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.... Read more

    Affected Products : vlc_media_player windows
    • Published: Jan. 16, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0053

    Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file.... Read more

    Affected Products : cups
    • Published: Mar. 18, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0016

    Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link.... Read more

    Affected Products : firefox seamonkey
    • Published: Sep. 24, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0003

    Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute arbitr... Read more

    • Published: Jan. 08, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6204

    Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) weba... Read more

    Affected Products : openview_network_node_manager
    • Published: Dec. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6109

    Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as de... Read more

    Affected Products : emacs
    • Published: Dec. 07, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5351

    Unspecified vulnerability in Server Message Block Version 2 (SMBv2) signing support in Microsoft Windows Vista allows remote attackers to force signature re-computation and execute arbitrary code via a crafted SMBv2 packet, aka "SMBv2 Signing Vulnerabilit... Read more

    Affected Products : windows_vista
    • Published: Dec. 12, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-1604

    Unspecified vulnerability in Exponent CMS before 0.96.5 RC 1 has unknown impact and remote attack vectors related to variables that are not "typecasted."... Read more

    Affected Products : exponent_cms
    • Published: Apr. 04, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 293192 Results