Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2008-0741

    Unspecified vulnerability in the PropFilePasswordEncoder utility in IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) has unknown impact and attack vectors.

    Affected Products : websphere_application_server
    • EPSS Score: %1.00
    • Published: Feb. 13, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-0659

    Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property.

    • EPSS Score: %49.84
    • Published: Feb. 08, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-0620

    SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to cause a denial of service (crash) via a 0x53 LPD command, which causes the server to terminate.

    Affected Products : sapgui saplpd sapsprint
    • EPSS Score: %4.98
    • Published: Feb. 06, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-0532

    Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to execute arbitrary code via a long argument loca...

    • EPSS Score: %78.89
    • Published: Mar. 14, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-0457

    Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files...

    Affected Products : backupexec_system_recovery
    • EPSS Score: %29.75
    • Published: Feb. 07, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-0437

    Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100, as used in the installation process for HP Virtual Rooms, allow remote attackers to execute arbitrary code via a long (1) AuthenticationURL...

    Affected Products : virtual_rooms activex
    • EPSS Score: %32.49
    • Published: Jan. 23, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-0349

    Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.15 and 8.49.07 has unknown impact and remote attack vectors, aka PSE02.

    • EPSS Score: %1.72
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-0342

    Unspecified vulnerability in the Upgrade/Downgrade component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB05.

    Affected Products : database_server
    • EPSS Score: %2.30
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-0235

    The Microsoft VFP_OLE_Server ActiveX control allows remote attackers to execute arbitrary code by invoking the foxcommand method.

    Affected Products : vfp_ole_server_activex_control
    • EPSS Score: %45.24
    • Published: Jan. 11, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-0082

    An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and "change state," obtain contact information, and establish audio or vide...

    Affected Products : windows_messenger
    • EPSS Score: %62.76
    • Published: Aug. 13, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2008-0080

    Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response.

    • EPSS Score: %37.66
    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-6703

    Unspecified vulnerability in vdccm before 0.10.1 in SynCE (SynCE-dccm) might allow attackers to cause a denial of service via unspecified vectors.

    Affected Products : vdccm
    • EPSS Score: %1.03
    • Published: Mar. 04, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-6691

    Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to (1) "hotlink protection" in the URL rewrite module, (2) a WebDAV view in the WebDAV module, (3) a comment view in the Comment module, (4) unspecified "ite...

    Affected Products : gallery
    • EPSS Score: %1.14
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-6688

    Unspecified vulnerability in the Installation application in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to "web-accessibility protection of the storage folder."

    Affected Products : gallery
    • EPSS Score: %1.02
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-6529

    Multiple unspecified vulnerabilities in TikiWiki before 1.9.9 have unknown impact and attack vectors involving (1) tiki-edit_css.php, (2) tiki-list_games.php, or (3) tiki-g-admin_shared_source.php.

    Affected Products : tikiwiki_cms/groupware
    • EPSS Score: %0.78
    • Published: Dec. 27, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-6494

    Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers to obtain login access via a request to hosting/addreseller.asp with a username in the reseller parameter, followed by a request to AdminSettings/displays.asp with the DecideAction and...

    Affected Products : hosting_controller
    • EPSS Score: %2.30
    • Published: Dec. 20, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-6453

    Directory traversal vulnerability in raidenhttpd-admin/workspace.php in RaidenHTTPD 2.0.19, when the WebAdmin function is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ulang parameter.

    Affected Products : raidenhttpd
    • EPSS Score: %14.15
    • Published: Dec. 20, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-6431

    Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to "take control of the affected system" via unspecified vectors, a different issue than CVE-2007-6148 and CVE-2007-6...

    • EPSS Score: %6.51
    • Published: Feb. 13, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-6425

    Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors.

    Affected Products : hp-ux
    • EPSS Score: %2.82
    • Published: Jan. 23, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2007-6319

    Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modifica...

    Affected Products : list_manager
    • EPSS Score: %1.68
    • Published: Feb. 19, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 291891 Results