Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2018-11936

    Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or something else) leads to out of bound memory access. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Co... Read more

    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2002-0988

    Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities.... Read more

    Affected Products : unixware openunix
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-11905

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in WLAN function due to lack of input validation in values received from firmware.... Read more

    Affected Products : android
    • Published: Dec. 07, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-0080

    Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response.... Read more

    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6703

    Unspecified vulnerability in vdccm before 0.10.1 in SynCE (SynCE-dccm) might allow attackers to cause a denial of service via unspecified vectors.... Read more

    Affected Products : vdccm
    • Published: Mar. 04, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6494

    Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers to obtain login access via a request to hosting/addreseller.asp with a username in the reseller parameter, followed by a request to AdminSettings/displays.asp with the DecideAction and... Read more

    Affected Products : hosting_controller
    • Published: Dec. 20, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6431

    Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to "take control of the affected system" via unspecified vectors, a different issue than CVE-2007-6148 and CVE-2007-6... Read more

    • Published: Feb. 13, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6319

    Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modifica... Read more

    Affected Products : list_manager
    • Published: Feb. 19, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-3589

    In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 835, SD 845, SD 850, the vswr capture size is larger than the maximum size of a diag logPacket, which can lead to a buffer overflow when the sample buffer... Read more

    • Published: Apr. 11, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-6051

    IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has unknown impact. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.... Read more

    • Published: Nov. 20, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2018-11808

    Incorrect Access Control in CustomFieldsFeedServlet in Zoho ManageEngine Applications Manager Version 13 before build 13740 allows an attacker to delete any file and read certain files on the server in the context of the user (which by default is "NT AUTH... Read more

    • Published: Jun. 06, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-5530

    Unspecified vulnerability in the Database Control component in Oracle Database 10.1.0.5 and 10.2.0.3, and Enterprise Manager, has unknown impact and remote attack vectors, aka EM01.... Read more

    Affected Products : database_server
    • Published: Oct. 17, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5330

    The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to (1) execute arbitrary code via stack-based buffer overflows in unspecified RPC procedures, and (2) trigger memory corruptio... Read more

    • Published: Oct. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5327

    Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d op... Read more

    • Published: Oct. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5326

    Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.... Read more

    • Published: Oct. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5252

    Buffer overflow in NetSupport Manager (NSM) Client 10.00 and 10.20, and NetSupport School Student (NSS) 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of... Read more

    • Published: Oct. 06, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5082

    Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing... Read more

    • Published: Oct. 01, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5057

    NetSupport Manager Client before 10.20.0004 allows remote attackers to bypass the (1) basic and (2) authentication schemes by spoofing the NetSupport Manager.... Read more

    Affected Products : netsupport_manager_client
    • Published: Sep. 24, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5005

    Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\ (dot dot backslash) sequence in th... Read more

    • Published: Oct. 01, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5003

    Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in r... Read more

    • Published: Oct. 01, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 293289 Results