Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-1999-0548

    A superfluous NFS server is running, but it is not importing or exporting any file systems.... Read more

    Affected Products :
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0088

    IRIX and AIX automountd services (autofsd) allow remote users to execute root commands.... Read more

    Affected Products : aix
    • Published: Oct. 26, 1998
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0067

    phf CGI program allows remote command execution through shell metacharacters.... Read more

    Affected Products : http_server ncsa_httpd
    • Published: Mar. 20, 1996
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0203

    In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.... Read more

    Affected Products : sendmail
    • Published: Aug. 17, 1995
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0186

    In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters.... Read more

    Affected Products : solaris
    • Published: Oct. 01, 1998
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0073

    Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.... Read more

    Affected Products : irix unix osf_1
    • Published: Oct. 13, 1995
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0008

    Buffer overflow in NIS+, in Sun's rpc.nisd program.... Read more

    Affected Products : solaris hp-ux sunos
    • Published: Jun. 08, 1998
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0009

    Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.... Read more

    Affected Products : aix solaris sunos bind netbsd linux bsd_os unixware irix openlinux +3 more products
    • Published: Apr. 08, 1998
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0095

    The debug command in Sendmail is enabled, allowing attackers to execute commands as root.... Read more

    Affected Products : sendmail
    • Published: Oct. 01, 1988
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0082

    CWD ~root command in ftpd allows root access.... Read more

    Affected Products : ftp ftpcd
    • Published: Nov. 11, 1988
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0080

    Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command.... Read more

    Affected Products : wu-ftpd
    • Published: Nov. 30, 1995
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0003

    Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).... Read more

    Affected Products : aix solaris hp-ux sunos irix ted_cde
    • Published: Apr. 01, 1998
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0006

    Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.... Read more

    Affected Products : qpopper
    • Published: Jul. 14, 1998
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0005

    Arbitrary command execution via IMAP buffer overflow in authenticate command.... Read more

    Affected Products : imap messaging_server
    • Published: Jul. 20, 1998
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0002

    Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.... Read more

    Affected Products : linux bsd_os openlinux
    • Published: Oct. 12, 1998
    • Modified: Apr. 03, 2025

  • 9.9

    CRITICAL
    CVE-2018-3877

    An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 160 bytes. An att... Read more

    Affected Products : sth-eth-250_firmware sth-eth-250
    • Published: Sep. 21, 2018
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2024-29241

    Missing authorization vulnerability in System webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain non-sensitive information, write sensitive configurations in DSM, and reboot or s... Read more

    • Published: Mar. 28, 2024
    • Modified: Aug. 12, 2025

  • 9.9

    CRITICAL
    CVE-2019-1003032

    A sandbox bypass vulnerability exists in Jenkins Email Extension Plugin 2.64 and earlier in pom.xml, src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java, src/main/java/hudson/plugins/emailext/plugins/content/EmailExtScript.java, src/main/jav... Read more

    Affected Products : email_extension
    • Published: Mar. 08, 2019
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2018-19586

    Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability that can be triggered during file uploads because core/webapi/upload/FileUploadData.java mishandles a StringUtil.java call. This vulnerability enables regular ... Read more

    Affected Products : silverpeas
    • Published: Apr. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2018-20091

    An SQL injection vulnerability was found in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information, encr... Read more

    Affected Products : data_science_workbench
    • Published: Jun. 07, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 293258 Results