Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2016-1984

    The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerabil... Read more

    Affected Products : amx_firmware
    • EPSS Score: %4.08
    • Published: Jan. 22, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-6319

    SQL injection vulnerability in the web-based management interface on Cisco RV220W devices allows remote attackers to execute arbitrary SQL commands via a crafted header in an HTTP request, aka Bug ID CSCuv29574.... Read more

    • EPSS Score: %0.81
    • Published: Jan. 27, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0949

    Adobe Connect before 9.5.2 allows remote attackers to have an unspecified impact via a crafted parameter in a URL.... Read more

    Affected Products : connect
    • EPSS Score: %2.40
    • Published: Feb. 10, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2022-31230

    Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access.... Read more

    Affected Products : powerscale_onefs powerscale_onefs
    • EPSS Score: %0.20
    • Published: Jun. 28, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-40643

    EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerability on the mail options configuration page. In the location of the "sendmail" application in the "cacti" configuration page (by default/usr/sbin/sendmail) it is possible to execute any ... Read more

    Affected Products : eyesofnetwork
    • EPSS Score: %3.22
    • Published: Jun. 30, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-2397

    The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data.... Read more

    • EPSS Score: %5.04
    • Published: Feb. 17, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-8286

    Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote attackers to obtain access via a session on TCP port 23 or 9000.... Read more

    Affected Products : raysharp_firmware
    • EPSS Score: %21.12
    • Published: Feb. 18, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2022-32032

    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule.... Read more

    Affected Products : ax1806_firmware ax1806
    • EPSS Score: %2.74
    • Published: Jul. 01, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-2275

    The web interface on Advantech/B+B SmartWorx VESP211-EU devices with firmware 1.7.2 and VESP211-232 devices with firmware 1.5.1 and 1.7.2 relies on the client to implement access control, which allows remote attackers to perform administrative actions via... Read more

    • EPSS Score: %0.29
    • Published: Feb. 21, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2022-21744

    In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges ne... Read more

    Affected Products : lr13 nr15 nr16 lr11 lr12 lr12a lr9 mt2735 mt6779 mt6781 +63 more products
    • EPSS Score: %6.36
    • Published: Jul. 06, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-41037

    In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the local machine via touchpoints during installation. Those touchpoints can, for example, alter the command-line used to start the application, injecting things like... Read more

    Affected Products : equinox_p2
    • EPSS Score: %0.49
    • Published: Jul. 08, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-0816

    mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to decoder/ih264d_parse_islice.c and decoder/ih264d_parse_pslice.c, aka inter... Read more

    Affected Products : android
    • EPSS Score: %2.23
    • Published: Mar. 12, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1313

    Cisco UCS Invicta C3124SA Appliance 4.3.1 through 5.0.1, UCS Invicta Scaling System and Appliance, and Whiptail Racerunner improperly store a default SSH private key, which allows remote attackers to obtain root access via unspecified vectors, aka Bug ID ... Read more

    Affected Products : ucs_invicta_c3124sa_appliance
    • EPSS Score: %1.49
    • Published: Apr. 06, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0836

    Stack-based buffer overflow in decoder/impeg2d_vld.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25812590.... Read more

    Affected Products : android
    • EPSS Score: %0.67
    • Published: Apr. 18, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0837

    MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memor... Read more

    Affected Products : android
    • EPSS Score: %1.22
    • Published: Apr. 18, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2416

    libs/gui/BufferQueueConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for the android.permission.DUMP permission, which allows attackers to obtain sensitive informatio... Read more

    Affected Products : android
    • EPSS Score: %0.29
    • Published: Apr. 18, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2016-1343

    The XML parser in Cisco Information Server (CIS) 6.2 allows remote attackers to read arbitrary files or cause a denial of service (CPU and memory consumption) via an external entity declaration in conjunction with an entity reference, related to an XML Ex... Read more

    Affected Products : information_server
    • EPSS Score: %0.59
    • Published: Apr. 30, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2298

    Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain sensitive cleartext information via unspecified vectors.... Read more

    • EPSS Score: %73.03
    • Published: May. 14, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4325

    Lantronix xPrintServer devices with firmware before 5.0.1-65 have hardcoded credentials, which allows remote attackers to obtain root access via unspecified vectors.... Read more

    Affected Products : xprintserver_firmware
    • EPSS Score: %0.89
    • Published: May. 14, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2022-2634

    An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which can be later executed.... Read more

    • EPSS Score: %0.14
    • Published: Aug. 10, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 290977 Results