Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2011-2663

    Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment in an e-mail message.... Read more

    Affected Products : groupwise
    • Published: Oct. 08, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2261

    Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-2252.... Read more

    Affected Products : secure_backup
    • Published: Jul. 20, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2164

    Multiple unspecified vulnerabilities in Adobe Photoshop before 12.0.4 have unknown impact and attack vectors.... Read more

    Affected Products : photoshop
    • Published: May. 20, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2002-2159

    Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain acc... Read more

    Affected Products : befsr41 befsr11 befsru31
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-1850

    Stack-based buffer overflow in the logging functionality in dbman.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via vectors related to a received action.... Read more

    Affected Products : intelligent_management_center
    • Published: May. 13, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-14746

    Command Injection vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to run arbitrary commands on the NAS.... Read more

    Affected Products : qts
    • Published: Nov. 28, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-1741

    Stack-based buffer overflow in ftserver.exe in the OpenText Hummingbird Client Connector, as used in the Indexing Server in EMC Documentum eRoom 7.x before 7.4.3.f and other products, allows remote attackers to execute arbitrary code by sending a crafted ... Read more

    Affected Products : documentum_eroom
    • Published: Jul. 19, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1733

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message.... Read more

    Affected Products : openview_storage_data_protector
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1731

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_INTEGUTIL message.... Read more

    Affected Products : openview_storage_data_protector
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1730

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message.... Read more

    Affected Products : openview_storage_data_protector
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2002-2133

    Telindus 1100 ASDL router running firmware 6.0.x uses weak encryption for UDP session traffic, which allows remote attackers to gain unauthorized access by sniffing and decrypting the administrative password.... Read more

    Affected Products : 1120_adsl_router
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2018-14721

    FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.... Read more

    • Published: Jan. 02, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-14714

    System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter.... Read more

    Affected Products : rt-ac3200_firmware rt-ac3200
    • Published: May. 13, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-14706

    System command injection in the /DroboPix/api/drobopix/demo endpoint on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the payload in a POST request.... Read more

    Affected Products : 5n2_firmware 5n2
    • Published: Dec. 03, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-14790

    Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. A buffer over-read vulnerability may allow remote code execution on the device.... Read more

    • Published: Oct. 01, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-1389

    Multiple directory traversal vulnerabilities in the vendor daemon in Rational Common Licensing in Telelogic License Server 2.0, Rational License Server 7.x, and ibmratl in IBM Rational License Key Server (RLKS) 8.0 through 8.1.2 allow remote attackers to ... Read more

    • Published: Jan. 19, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1268

    The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 o... Read more

    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2002-2088

    The MOSIX Project clump/os 5.4 creates a default VNC account without a password, which allows remote attackers to gain root access.... Read more

    Affected Products : clump_os
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-0915

    Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a long name parameter in a Content-Type header in a malformed Notes calendar (aka iCalendar or iCal) meeting request, aka SPR... Read more

    Affected Products : lotus_domino
    • Published: Feb. 08, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-14558

    An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows a... Read more

    • Actively Exploited
    • Published: Oct. 30, 2018
    • Modified: Mar. 20, 2025
Showing 20 of 293284 Results