Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2018-11228

    Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via a Bash shell service in Crestron Toolbox Protocol (CTP).... Read more

    • EPSS Score: %9.09
    • Published: Jun. 08, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-5366

    Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0.4.2 have unknown impact and remote attack vectors related to (1) Oracle Containers for J2EE, aka Vuln# OC4J01, and (2) Oracle Process Mgmt & Notification, aka OPMN01.... Read more

    Affected Products : application_server
    • EPSS Score: %0.96
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5361

    Unspecified vulnerability in Oracle Containers for J2EE in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.1, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln# OC4J03.... Read more

    • EPSS Score: %0.96
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5356

    Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.1.0, and Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln# OC4J02.... Read more

    • EPSS Score: %0.96
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5347

    Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle Collaboration Suite 9.0.4.2 has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS04.... Read more

    Affected Products : http_server
    • EPSS Score: %0.96
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5172

    Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SU... Read more

    • EPSS Score: %23.46
    • Published: Jan. 16, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5008

    Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary commands and overwrite arbitrary files via unspecified vectors.... Read more

    Affected Products : aix
    • EPSS Score: %1.54
    • Published: Sep. 27, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2002-0702

    Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS serve... Read more

    Affected Products : dhcpd dhcp
    • EPSS Score: %37.65
    • Published: Jul. 26, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-4181

    Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Radius 1.2 and 1.3 allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : radius
    • EPSS Score: %22.64
    • Published: Nov. 28, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2002-0697

    Microsoft Metadirectory Services (MMS) 2.2 allows remote attackers to bypass authentication and modify sensitive data by using an LDAP client to directly connect to MMS and bypass the checks for MMS credentials.... Read more

    Affected Products : windows_2000 metadirectory_services
    • EPSS Score: %17.12
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-4028

    Multiple unspecified vulnerabilities in WordPress before 2.0.4 have unknown impact and remote attack vectors. NOTE: due to lack of details, it is not clear how these issues are different from CVE-2006-3389 and CVE-2006-3390, although it is likely that 2.... Read more

    Affected Products : wordpress
    • EPSS Score: %5.59
    • Published: Aug. 09, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-11106

    NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; W... Read more

    • EPSS Score: %2.05
    • Published: Apr. 01, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-3704

    Unspecified vulnerability in the Oracle ODBC Driver for Oracle Database 10.1.0.4 has unknown impact and attack vectors, aka Oracle Vuln# 10.1.0.4.... Read more

    Affected Products : database_server
    • EPSS Score: %3.11
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-3702

    Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB06 in Export; (2) DB08, (3) DB09, (4) DB10, (5) DB11, (6) DB12, (7) DB13, (8) DB14, an... Read more

    Affected Products : database_server
    • EPSS Score: %3.59
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-3698

    Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB01 for Change Data Capture (CDC) component and (2) DB03 for Data Pump Metadata API. NOTE: as of 20060719, Oracle has not dispu... Read more

    Affected Products : database_server
    • EPSS Score: %17.67
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0667

    Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow remote attackers to gain access to the phone.... Read more

    Affected Products : xpressa
    • EPSS Score: %2.20
    • Published: Jul. 23, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-11094

    An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/Export... Read more

    Affected Products : ncloud_300_firmware ncloud_300
    • EPSS Score: %68.09
    • Published: May. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-2630

    Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.... Read more

    Affected Products : client_security norton_antivirus
    • EPSS Score: %78.94
    • Published: May. 27, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-10997

    Etere EtereWeb before 28.1.20 has a pre-authentication blind SQL injection in the POST parameters txUserName and txPassword.... Read more

    Affected Products : etereweb
    • EPSS Score: %0.64
    • Published: Jun. 17, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-1884

    Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01.... Read more

    • EPSS Score: %1.32
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 292522 Results