Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2008-6820

    The db2fmp process in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 on Windows runs with "OS privilege," which has unknown impact and attack vectors, a different vulnerability than CVE-2008-3856.

    Affected Products: db2 windows
    • EPSS Score: 0.78%
    • Published: Jun. 03, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6816

    Eaton MGEOPS Network Shutdown Module before 3.10 Build 13 allows remote attackers to execute arbitrary code by adding a custom action to the MGE frontend via pane_actionbutton.php, and then executing this action via exec_action.php.

    Affected Products: network_shutdown_module
    • EPSS Score: 11.74%
    • Published: May. 28, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6767

    wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to upgrade the application, and possibly cause a denial of service (application outage), via a direct request.

    Affected Products: wordpress
    • EPSS Score: 0.74%
    • Published: Apr. 28, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6536

    Unspecified vulnerability in 7-zip before 4.5.7 has unknown impact and remote attack vectors, as demonstrated by the PROTOS GENOME test suite for Archive Formats (c10).

    Affected Products: 7-zip
    • EPSS Score: 2.26%
    • Published: Mar. 30, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6415

    Buffer overflow in YoungZSoft CCProxy 6.5 might allow remote attackers to execute arbitrary code via a CONNECTION request with a long hostname.

    Affected Products: ccproxy
    • EPSS Score: 5.38%
    • Published: Mar. 06, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-6071

    Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOT...

    Affected Products: graphicsmagick
    • EPSS Score: 6.08%
    • Published: Feb. 10, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5911

    Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 and 12.x before 12.0.1 allow remote attackers to (1) cause a denial of service via three crafted RTSP SETUP commands, or execute arbitrary code via (2) an NT...

    Affected Products: helix_server helix_server_mobile
    • EPSS Score: 16.43%
    • Published: Jan. 20, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5457

    Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, an...

    Affected Products: bea_product_suite
    • EPSS Score: 83.27%
    • Published: Jan. 14, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5448

    Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5444 and CVE-2008-...

    Affected Products: secure_backup
    • EPSS Score: 84.01%
    • Published: Jan. 14, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5415

    The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure.

    • EPSS Score: 15.63%
    • Published: Dec. 11, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5412

    Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows has unknown impact and attack vectors related to JSPs. NOTE: this is probably a duplicate of CVE-2009-0438.

    • EPSS Score: 1.35%
    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5403

    Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag.

    • EPSS Score: 25.56%
    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5401

    Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."

    • EPSS Score: 26.69%
    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5305

    Eval injection vulnerability in TWiki before 4.2.4 allows remote attackers to execute arbitrary Perl code via the %SEARCH{}% variable.

    Affected Products: twiki
    • EPSS Score: 2.94%
    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5282

    Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 allow remote attackers to execute arbitrary code via (1) a link with a long HREF attribute, and (2) a DIV tag with a long id attribute.

    Affected Products: amaya_web_browser
    • EPSS Score: 46.08%
    • Published: Nov. 29, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-5094

    Heap-based buffer overflow in the NDS Service in Novell eDirectory before 8.8 SP3 has unknown impact and attack vectors.

    Affected Products: edirectory
    • EPSS Score: 0.23%
    • Published: Nov. 14, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-4868

    Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers."

    Affected Products: mplayer ffmpeg
    • EPSS Score: 0.73%
    • Published: Nov. 01, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-4692

    The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact a...

    Affected Products: db2
    • EPSS Score: 1.49%
    • Published: Oct. 22, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-4479

    Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header.

    Affected Products: edirectory
    • EPSS Score: 31.88%
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-4402

    Multiple buffer overflows in CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before build 2439 and 8.0 SP1 Patch 1 before build 3087 allow remote attackers to execute arbitrary code via unspecified vectors.

    Affected Products: officescan officescan
    • EPSS Score: 15.57%
    • Published: Oct. 03, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 291513 Results