Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2008-4397

    Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.... Read more

    • EPSS Score: %85.82
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4383

    Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 ... Read more

    Affected Products : aos omniswitch
    • EPSS Score: %27.07
    • Published: Oct. 03, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4023

    Active Directory in Microsoft Windows 2000 SP4 does not properly allocate memory for (1) LDAP and (2) LDAPS requests, which allows remote attackers to execute arbitrary code via a crafted request, aka "Active Directory Overflow Vulnerability."... Read more

    Affected Products : windows_2000
    • EPSS Score: %62.76
    • Published: Oct. 15, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4008

    Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown ... Read more

    Affected Products : bea_product_suite
    • EPSS Score: %85.81
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3892

    Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488... Read more

    Affected Products : player server workstation ace
    • EPSS Score: %66.00
    • Published: Sep. 03, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3870

    Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation.... Read more

    Affected Products : solaris
    • EPSS Score: %30.62
    • Published: May. 26, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3869

    Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters.... Read more

    Affected Products : solaris
    • EPSS Score: %33.28
    • Published: May. 26, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3865

    Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224... Read more

    • EPSS Score: %29.34
    • Published: Jan. 21, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3862

    Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request cont... Read more

    Affected Products : officescan officescan
    • EPSS Score: %40.42
    • Published: Oct. 23, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3703

    The management console in the Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation for Windows (SFW) 5.0, 5.0 RP1a, and 5.1 accepts NULL NTLMSSP authentication, which allows remote attackers to execute arbitrary... Read more

    Affected Products : veritas_storage_foundation
    • EPSS Score: %24.54
    • Published: Aug. 18, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3695

    Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMw... Read more

    Affected Products : player server workstation ace
    • EPSS Score: %1.24
    • Published: Sep. 03, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3576

    Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained fr... Read more

    Affected Products : openttd
    • EPSS Score: %13.18
    • Published: Aug. 10, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3175

    Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buff... Read more

    • EPSS Score: %24.28
    • Published: Aug. 01, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3079

    Unspecified vulnerability in Opera before 9.51 on Windows allows attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : opera opera_browser windows
    • EPSS Score: %0.75
    • Published: Jul. 09, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3064

    Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."... Read more

    Affected Products : realplayer
    • EPSS Score: %0.71
    • Published: Jul. 28, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3010

    Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute... Read more

    • EPSS Score: %41.88
    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2824

    Unspecified vulnerability in the Extensible Interface Platform in Web Services in Xerox WorkCentre 7655, 7665, and 7675 allows remote attackers to make configuration changes via unknown vectors.... Read more

    Affected Products : workcentre
    • EPSS Score: %1.97
    • Published: Jun. 23, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2654

    Off-by-one error in the read_client function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some co... Read more

    Affected Products : motion
    • EPSS Score: %7.46
    • Published: Jun. 13, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2541

    Multiple stack-based buffer overflows in the HTTP Gateway Service (icihttp.exe) in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to (1) the file month fie... Read more

    Affected Products : etrust_secure_content_manager
    • EPSS Score: %23.70
    • Published: Jun. 04, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2468

    Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) in LANDesk Management Suite, Security Suite, and Server Manager 8.8 and earlier allow remote attackers to execute arbitrary code via a crafted heal request, related to the StringToMap a... Read more

    • EPSS Score: %47.12
    • Published: Sep. 18, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 291513 Results