Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2020-1615

    The factory configuration for vMX installations, as shipped, includes default credentials for the root account. Without proper modification of these default credentials by the administrator, an attacker could exploit these credentials and access the vMX i... Read more

    Affected Products : junos vmx
    • EPSS Score: %0.47
    • Published: Apr. 08, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-15639

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Authentication is not required to exploit this vulnerability. The specific flaw exists within the decryptFile method of th... Read more

    Affected Products : qconvergeconsole
    • EPSS Score: %19.37
    • Published: Aug. 25, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-14859

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthentica... Read more

    Affected Products : weblogic_server
    • EPSS Score: %4.77
    • Published: Oct. 21, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-13802

    Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification.... Read more

    Affected Products : rebar3
    • EPSS Score: %1.61
    • Published: Sep. 02, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-1483

    Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact.... Read more

    Affected Products : clientless_vpn_gateway_4400
    • EPSS Score: %3.04
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2018-2611

    Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Services). The supported version that is affected is Prior to 8.7.13. Easily exploitable vulnerability allows unauthenticated attack... Read more

    • EPSS Score: %4.95
    • Published: Jan. 18, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-9505

    The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not sanitize special characters allowing for remote unauthorized changes to configuration files. An unauthenticated attacker may be able to remotely execute arbitrary... Read more

    Affected Products : print_management
    • EPSS Score: %2.02
    • Published: May. 08, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-1463

    Unknown vulnerability in the PageEditor in MoinMoin 1.2.2 and earlier, related to Access Control Lists (ACL), has unknown impact.... Read more

    Affected Products : moinmoin moinmoin
    • EPSS Score: %0.49
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1770

    The login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arbitrary code via shell metacharacters in the user parameter.... Read more

    Affected Products : cpanel
    • EPSS Score: %11.89
    • Published: Mar. 11, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2019-7838

    ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a file extension blacklist bypass vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • EPSS Score: %30.35
    • Published: Jun. 12, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7098

    Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : windows shockwave_player
    • EPSS Score: %7.84
    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7091

    ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • EPSS Score: %63.07
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-1280

    The gui_popup_view_fly function in gui_tview_popup.c for junkie 0.3.1 allows remote malicious FTP servers to execute arbitrary commands via shell metacharacters in a filename.... Read more

    Affected Products : junkie_ftp_client
    • EPSS Score: %0.72
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1283

    Buffer overflow in the Mesh::type method in mesh.c for the mview program in Mesh Viewer 0.2.2 allows remote attackers to execute arbitrary code via crafted mesh files.... Read more

    Affected Products : mesh_viewer
    • EPSS Score: %3.41
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2019-3980

    The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload... Read more

    Affected Products : dameware_mini_remote_control
    • EPSS Score: %40.91
    • Published: Oct. 08, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-1273

    Buffer overflow in the DownloadLoop function in main.c for greed 0.81p allows remote attackers to execute arbitrary code via a GRX file containing a long filename.... Read more

    Affected Products : greed
    • EPSS Score: %4.86
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1265

    Buffer overflow in the readObjectChunk function in 3dsimp.cpp for the convex-tool program in Convex 3D 0.8pre1 allows remote attackers to execute arbitrary code via a crafted 3DS file.... Read more

    Affected Products : convex_3d
    • EPSS Score: %3.41
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1260

    Multiple buffer overflows in the (1) write_heading function in subs.cpp or (2) trim_title function in parse.cpp for abctab2ps 1.6.3 allow remote attackers to execute arbitrary code via crafted ABC files.... Read more

    Affected Products : abctab2ps
    • EPSS Score: %8.74
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1288

    Buffer overflow in the parse_html function in o3read.c for o3read 0.0.3 allows remote attackers to execute arbitrary code via a crafted SXW file.... Read more

    Affected Products : o3read
    • EPSS Score: %8.52
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1254

    WinRAR 3.40, and possibly earlier versions, allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, possibly causing an integer overflow that leads to a buffer overflow.... Read more

    Affected Products : winrar
    • EPSS Score: %5.20
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 292518 Results