Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2007-1946

    Integer overflow in Windows Explorer in Microsoft Windows XP SP1 might allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large width dimension in a crafted BMP image, as demonstrated by w4i... Read more

    Affected Products : windows_xp
    • EPSS Score: %39.64
    • Published: Apr. 11, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1655

    Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX before 20070126 might allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors related to lists of numbers.... Read more

    Affected Products : tinymux
    • EPSS Score: %19.94
    • Published: Mar. 24, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1578

    Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow.... Read more

    Affected Products : mercur_imapd
    • EPSS Score: %46.55
    • Published: Mar. 21, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1447

    The Tape Engine in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC procedure arguments, which result in memory corruptio... Read more

    • EPSS Score: %40.60
    • Published: Mar. 16, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1112

    Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrar... Read more

    • EPSS Score: %3.91
    • Published: Apr. 06, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1070

    Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows wh... Read more

    • EPSS Score: %78.12
    • Published: Feb. 21, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0938

    Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 does not properly handle certain characters in a crafted HTTP GET request, which allows remote attackers to execute arbitrary code, aka the "CMS Memory Corruption Vulnerability."... Read more

    Affected Products : content_management_server
    • EPSS Score: %38.20
    • Published: Apr. 10, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0888

    Directory traversal vulnerability in the TFTP server in Kiwi CatTools before 3.2.0 beta allows remote attackers to read arbitrary files, and upload files to arbitrary locations, via ..// (dot dot) sequences in the pathname argument to an FTP (1) GET or (2... Read more

    Affected Products : kiwi_cattools
    • EPSS Score: %6.70
    • Published: Feb. 12, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0886

    Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an integer ... Read more

    • EPSS Score: %26.07
    • Published: Feb. 12, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0746

    Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via a "crafted SIP packet when initializing an audio/video conference".... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %35.05
    • Published: Apr. 24, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0448

    The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath... Read more

    Affected Products : php
    • EPSS Score: %2.21
    • Published: May. 24, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0446

    Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8.0 and 8.1, and Monitor over Firewall 8.1 allows remote attackers to execute arbitrary code via a packet with a long server_i... Read more

    • EPSS Score: %63.75
    • Published: Feb. 08, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0065

    Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafte... Read more

    • EPSS Score: %58.40
    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-7183

    PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter.... Read more

    Affected Products : exhibit_engine_2
    • EPSS Score: %3.35
    • Published: Mar. 30, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-6443

    Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors.... Read more

    Affected Products : client
    • EPSS Score: %0.71
    • Published: Dec. 10, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-6423

    Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre... Read more

    • EPSS Score: %39.22
    • Published: Dec. 12, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-6336

    Heap-based buffer overflow in the Mail Management Server (MAILMA.exe) in Eudora WorldMail 3.1.x allows remote attackers to execute arbitrary code via a crafted request containing successive delimiters.... Read more

    Affected Products : worldmail_management_server
    • EPSS Score: %20.36
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    CRITICAL
    CVE-2024-11639

    An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access... Read more

    Affected Products : cloud_services_appliance
    • Published: Dec. 10, 2024
    • Modified: Jan. 17, 2025

  • 10.0

    HIGH
    CVE-2006-6026

    Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a DESCRIBE request t... Read more

    • EPSS Score: %40.12
    • Published: Nov. 21, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5583

    Buffer overflow in the SNMP Service in Microsoft Windows 2000 SP4, XP SP2, Server 2003, Server 2003 SP1, and possibly other versions allows remote attackers to execute arbitrary code via a crafted SNMP packet, aka "SNMP Memory Corruption Vulnerability."... Read more

    Affected Products : windows_2003_server
    • EPSS Score: %68.21
    • Published: Dec. 12, 2006
    • Modified: Apr. 09, 2025
Showing 20 of 291736 Results