Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-1999-0454

    A remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso.... Read more

    Affected Products :
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-4935

    The Database module in Moodle before 1.6.2 does not properly handle uploaded files, which has unspecified impact and remote attack vectors.... Read more

    Affected Products : moodle
    • Published: Sep. 23, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0569

    A URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file.... Read more

    Affected Products :
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0596

    A Windows NT log file has an inappropriate maximum size or retention period.... Read more

    Affected Products :
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0661

    A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH... Read more

    Affected Products : sendmail
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0665

    An application-critical Windows NT registry key has an inappropriate value.... Read more

    Affected Products :
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0730

    The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack.... Read more

    Affected Products : debian_linux
    • Published: Jun. 12, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-7022

    The Tools module in fx-APP 0.0.8.1 allows remote attackers to misrepresent the contents of a web page via an arbitrary URL in the url parameter to a showhtml action for index.php, which causes the URL to be displayed within an iframe.... Read more

    Affected Products : fx-app
    • Published: Feb. 15, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-7253

    GE Healthcare Infinia II has a default password of (1) infinia for the infinia user, (2) #bigguy1 for the acqservice user, (3) dont4get2 for the Administrator user, (4) #bigguy1 for the emergency user, and (5) 2Bfamous for the InfiniaAdmin user, which has... Read more

    Affected Products : infinia_ii
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-1999-1553

    Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line.... Read more

    Affected Products : xcmail
    • Published: May. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0032

    Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 22, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0044

    Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands.... Read more

    Affected Products : warftpd
    • Published: Jan. 06, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0428

    Buffer overflow in the SMTP gateway for InterScan Virus Wall 3.32 and earlier allows a remote attacker to execute arbitrary commands via a long filename for a uuencoded attachment.... Read more

    Affected Products : interscan_viruswall
    • Published: May. 04, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-0949

    Stack-based buffer overflow in iTinySoft Studio Total Video Player 1.03, and possibly earlier, allows remote attackers to execute arbitrary code via a M3U playlist file that contains a long file name. NOTE: it was later reported that 1.20 and 1.30 are als... Read more

    Affected Products : total_video_player
    • Published: Feb. 15, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1117

    Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "file format vulnerability." NOTE: this information is based upon a vague pre-advisory with no act... Read more

    Affected Products : publisher
    • Published: Feb. 27, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2000-1026

    Multiple buffer overflows in LBNL tcpdump allow remote attackers to execute arbitrary commands.... Read more

    Affected Products : tcpdump
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1220

    The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configur... Read more

    Affected Products : linux irix
    • Published: Jan. 08, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-1733

    Buffer overflow in InterVations NaviCOPA HTTP Server 2.01 allows remote attackers to execute arbitrary code via a long (1) /cgi-bin/ or (2) /cgi/ pathname in an HTTP GET request, probably a different issue than CVE-2006-5112.... Read more

    Affected Products : navicopa_web_server
    • Published: Mar. 28, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2004-1272

    Buffer overflow in the save_embedded_address function in filter.c for elm/bolthole filter 2.6.1 allows remote attackers to execute arbitrary code via a crafted email message.... Read more

    Affected Products : filter
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-2131

    Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.22.14, 8.47.12, and 8.48.08 has unknown impact and attack vectors, aka PSE01.... Read more

    • Published: Apr. 18, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 293351 Results