Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last-updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2018-14714

    System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter....

    Affected Products : rt-ac3200_firmware rt-ac3200
    • EPSS Score: 67.25%
    • Published: May. 13, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-14706

    System command injection in the /DroboPix/api/drobopix/demo endpoint on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the payload in a POST request....

    Affected Products : 5n2_firmware 5n2
    • EPSS Score: 63.86%
    • Published: Dec. 03, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-14790

    Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. A buffer over-read vulnerability may allow remote code execution on the device....

    • EPSS Score: 3.48%
    • Published: Oct. 01, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2011-1389

    Multiple directory traversal vulnerabilities in the vendor daemon in Rational Common Licensing in Telelogic License Server 2.0, Rational License Server 7.x, and ibmratl in IBM Rational License Key Server (RLKS) 8.0 through 8.1.2 allow remote attackers to ...

    • EPSS Score: 11.33%
    • Published: Jan. 19, 2012
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2011-1268

    The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 o...

    • EPSS Score: 37.09%
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2002-2088

    The MOSIX Project clump/os 5.4 creates a default VNC account without a password, which allows remote attackers to gain root access....

    Affected Products : clump_os
    • EPSS Score: 2.20%
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2011-0915

    Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a long name parameter in a Content-Type header in a malformed Notes calendar (aka iCalendar or iCal) meeting request, aka SPR...

    Affected Products : lotus_domino
    • EPSS Score: 15.36%
    • Published: Feb. 08, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2018-14558

    An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows a...

    • Actively Exploited
    • EPSS Score: 81.99%
    • Published: Oct. 30, 2018
    • Modified: Mar. 20, 2025
  • 10.0

    HIGH
    CVE-2011-0807

    Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administra...

    • EPSS Score: 88.89%
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2018-14528

    Invoxia NVX220 devices allow TELNET access as admin with a default password....

    Affected Products : nvx220_firmware nvx220
    • EPSS Score: 1.04%
    • Published: Jul. 05, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-14495

    Vivotek FD8136 devices allow Remote Command Injection, aka "another command injection vulnerability in our target device," a different issue than CVE-2018-14494. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not caus...

    Affected Products : fd8136_firmware fd8136
    • EPSS Score: 18.80%
    • Published: Jul. 10, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2011-0654

    Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys in Active Directory in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, W...

    • EPSS Score: 81.01%
    • Published: Feb. 16, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2018-14494

    Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget. NOTE: the vendor sent a clarification on 2019-09-17 explaining that, although this CVE was first populated in July 2019, it is a historical vulnerability that does not app...

    Affected Products : fd8136_firmware fd8136
    • EPSS Score: 8.96%
    • Published: Jul. 10, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2011-0272

    Unspecified vulnerability in HP LoadRunner 9.52 allows remote attackers to execute arbitrary code via network traffic to TCP port 5001 or 5002, related to the HttpTunnel feature....

    Affected Products : loadrunner
    • EPSS Score: 36.62%
    • Published: Jan. 18, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2018-14417

    A command injection vulnerability was found in the web administration console in SoftNAS Cloud before 4.0.3. In particular, the snserv script did not sanitize the 'recentVersion' parameter from the snserv endpoint, allowing an unauthenticated attacker to ...

    Affected Products : cloud
    • EPSS Score: 71.90%
    • Published: Aug. 04, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2018-14324

    The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for the admin account. This allows remote attackers to obtain potentially sensitive information, perform database operations, or manipu...

    Affected Products : glassfish_server
    • EPSS Score: 2.46%
    • Published: Jul. 16, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2010-4802

    Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, which has unspecified impact and remote attack vectors....

    Affected Products : mojolicious
    • EPSS Score: 0.51%
    • Published: May. 03, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2010-4326

    Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long (1) REQUEST-STATUS, (2) TZNAME, (...

    Affected Products : groupwise
    • EPSS Score: 28.49%
    • Published: Jan. 28, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2010-4142

    Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build 6.1.8.10 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) SCPC_INITIALIZE, (2) SCPC_INITIALIZE_RF, or (3) SCPC_TXTEV...

    Affected Products : realwin
    • EPSS Score: 49.08%
    • Published: Nov. 02, 2010
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2018-14009

    Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689....

    Affected Products : codiad
    • EPSS Score: 55.16%
    • Published: Jul. 12, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 292321 Results