Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2018-19025

    In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command, which could be executed on the K-808 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.)....

    Affected Products : k-808_firmware k-808
    • EPSS Score: 0.24%
    • Published: Nov. 02, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-23639

    A command injection vulnerability exists in Moxa Inc VPort 461 Series Firmware Version 3.4 or lower that could allow a remote attacker to execute arbitrary commands in Moxa's VPort 461 Series Industrial Video Servers....

    Affected Products : vport_461_firmware vport_461
    • EPSS Score: 6.09%
    • Published: Nov. 02, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-26167

    In FUEL CMS 11.4.12 and before, the page preview feature allows an anonymous user to take complete ownership of any account including an administrator one....

    Affected Products : fuel_cms
    • EPSS Score: 2.95%
    • Published: Nov. 04, 2020
    • Modified: May 30, 2025
  • 10.0

    HIGH
    CVE-2020-7128

    A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2....

    Affected Products : airwave_glass
    • EPSS Score: 0.93%
    • Published: Nov. 04, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-28347

    tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. NOTE: this issue exists because of an incomplete fix for CVE-2020-10882 in which shell quotes are mishandled....

    Affected Products : ac1750_firmware ac1750
    • EPSS Score: 82.62%
    • Published: Nov. 08, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2020-26821

    SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the SVG Converter Service, this has an impact to the integrity and availability of the service....

    Affected Products : solution_manager
    • EPSS Score: 0.81%
    • Published: Nov. 10, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2020-26823

    SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Diagnostics Agent Connection Service, this has an impact to the integrity and availabilit...

    Affected Products : solution_manager
    • EPSS Score: 0.36%
    • Published: Nov. 10, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-15423

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_mod_security.php. When...

    Affected Products : webpanel
    • EPSS Score: 2.07%
    • Published: Jul. 28, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-7772

    This affects the package doc-path before 2.1.2....

    Affected Products : doc-path
    • EPSS Score: 0.78%
    • Published: Nov. 15, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-28130

    An Arbitrary File Upload in the Upload Image component in SourceCodester Online Library Management System 1.0 allows the user to conduct remote code execution via admin/borrower/index.php?view=add because .php files can be uploaded to admin/borrower/photo...

    Affected Products : online_library_management_system
    • EPSS Score: 8.46%
    • Published: Nov. 17, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-11831

    OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1....

    Affected Products : ovoicemanager
    • EPSS Score: 0.36%
    • Published: Nov. 19, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-29056

    An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN...

    • EPSS Score: 0.45%
    • Published: Nov. 24, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-15424

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_mod_security.php. When...

    Affected Products : webpanel
    • EPSS Score: 2.07%
    • Published: Jul. 28, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-19875

    An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. Arbitrary commands could be injected (using Python scripts) via the AprolCluster script that is invoked via sudo and thus executes with root privileges, a different vulnerabilit...

    Affected Products : industrial_automation_aprol
    • EPSS Score: 0.70%
    • Published: Nov. 27, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-27660

    SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter....

    Affected Products : safeaccess
    • EPSS Score: 2.20%
    • Published: Nov. 30, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-29390

    Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi-bin/kerbynet StartSessionSubmit parameter that could allow an unauthenticated attacker to execute a system command by using shell metacharacters and the %0a character....

    Affected Products : zeroshell
    • EPSS Score: 87.95%
    • Published: Nov. 30, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-14260

    HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to crash Domino or execute attacker-controlled code on the server system....

    Affected Products : domino
    • EPSS Score: 0.48%
    • Published: Dec. 02, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-15426

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_migration_cpanel.php. ...

    Affected Products : webpanel
    • EPSS Score: 2.07%
    • Published: Jul. 28, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-2320

    Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads....

    Affected Products : installation_manager_tool
    • EPSS Score: 0.48%
    • Published: Dec. 03, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-29578

    The official piwik Docker images before fpm-alpine (Alpine specific) contain a blank password for a root user. Systems using the Piwik Docker container deployed by affected versions of the Docker image may allow a remote attacker to achieve root access....

    Affected Products : piwik_fpm-alpine_docker_image
    • EPSS Score: 2.07%
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024