Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2016-2359

    Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource.... Read more

    • EPSS Score: %0.63
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-2360

    Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations.... Read more

    • EPSS Score: %0.84
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4857

    D-Link DIR-865L has PHP File Inclusion in the router xml file.... Read more

    Affected Products : dir-865l_firmware dir-865l
    • EPSS Score: %1.32
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2002-2444

    Snoopy before 2.0.0 has a security hole in exec cURL... Read more

    Affected Products : snoopy
    • EPSS Score: %0.48
    • Published: Oct. 28, 2019
    • Modified: Nov. 20, 2024

  • 9.8

    CRITICAL
    CVE-2009-4899

    pixelpost 1.7.1 has SQL injection... Read more

    Affected Products : pixelpost
    • EPSS Score: %0.29
    • Published: Oct. 28, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-16897

    In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitra... Read more

    • EPSS Score: %0.36
    • Published: Oct. 28, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2010-3375

    qtparted has insecure library loading which may allow arbitrary code execution... Read more

    Affected Products : qtparted
    • EPSS Score: %1.05
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-10748

    Sequelize all versions prior to 3.35.1, 4.44.3, and 5.8.11 are vulnerable to SQL Injection due to JSON path keys not being properly escaped for the MySQL/MariaDB dialects.... Read more

    Affected Products : sequelize
    • EPSS Score: %0.43
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-15683

    TurboVNC server code contains stack buffer overflow vulnerability in commit prior to cea98166008301e614e0d36776bf9435a536136e. This could possibly result into remote code execution, since stack frame is not protected with stack canary. This attack appear ... Read more

    Affected Products : turbovnc
    • EPSS Score: %3.00
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-18624

    Opera Mini for Android allows attackers to bypass intended restrictions on .apk file download/installation via an RTLO (aka Right to Left Override) approach, as demonstrated by misinterpretation of malicious%E2%80%AEtxt.apk as maliciouskpa.txt. This affec... Read more

    Affected Products : mini
    • EPSS Score: %0.20
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-10762

    columnQuote in medoo before 1.7.5 allows remote attackers to perform a SQL Injection due to improper escaping.... Read more

    Affected Products : medoo
    • EPSS Score: %0.58
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-18632

    European Commission eIDAS-Node Integration Package before 2.3.1 allows Certificate Faking because an attacker can sign a manipulated SAML response with a forged certificate.... Read more

    Affected Products : eidas-node_integration_package
    • EPSS Score: %0.20
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-18364

    In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow remote code execution.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.05
    • Published: Oct. 31, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2009-5043

    burn allows file names to escape via mishandled quotation marks... Read more

    Affected Products : debian_linux burn
    • EPSS Score: %0.43
    • Published: Oct. 31, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-6125

    Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions.... Read more

    Affected Products : chicken
    • EPSS Score: %0.64
    • Published: Oct. 31, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-18226

    Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability as a weak authentication method is retained for compatibili... Read more

    • EPSS Score: %0.18
    • Published: Oct. 31, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2739

    MiniDLNA has heap-based buffer overflow... Read more

    Affected Products : debian_linux readymedia
    • EPSS Score: %9.46
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2738

    minidlna has SQL Injection that may allow retrieval of arbitrary files... Read more

    Affected Products : readymedia
    • EPSS Score: %0.38
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4103

    Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input... Read more

    Affected Products : cryptocat
    • EPSS Score: %7.14
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2259

    Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview... Read more

    Affected Products : cryptocat
    • EPSS Score: %0.72
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291878 Results