Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last-updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2006-0411

    claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection time), which allows remote attackers to hijack sessions and possibly gain administrative privileges.

    Affected Products : claroline
    • EPSS Score: 1.09%
    • Published: Jan. 25, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2006-0979

    Unspecified vulnerability in the local weblog publisher in Nidelven IT Issue Dealer before 0.9.96 has unknown impact and attack vectors.

    Affected Products : issue_dealer
    • EPSS Score: 0.48%
    • Published: Mar. 03, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2006-1085

    admin.php in PHP-Stats 0.1.9.1 and earlier allows remote attackers to bypass authentication, gain administrator privileges, and execute arbitrary PHP code by modifying the option[admin_pass] parameter and setting the pass_cookie to the MD5 hash of the spe...

    Affected Products : php-stats
    • EPSS Score: 3.34%
    • Published: Mar. 09, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2006-1123

    SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the memName parameter in a cookie.

    Affected Products : d2kblog
    • EPSS Score: 1.48%
    • Published: Mar. 09, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2006-1381

    Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe.

    Affected Products : officescan
    • EPSS Score: 0.38%
    • Published: Mar. 24, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2006-1770

    Multiple PHP remote file inclusion vulnerabilities in Azerbaijan Design & Development Group (AZDG) AzDGVote allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter in (1) vote.php, (2) view.php, (3) admin.php, and (4) admi...

    Affected Products : azdgvote
    • EPSS Score: 4.00%
    • Published: Apr. 13, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2006-3715

    Unspecified vulnerability in Calendar for Oracle Collaboration Suite 10.1.2 has unknown impact and attack vectors, aka Oracle Vuln# OCS01.

    Affected Products : collaboration_suite
    • EPSS Score: 3.57%
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2006-4289

    Buffer overflow in Sony VAIO Media Server 2.x, 3.x, 4.x, and 5.x before 20060626 allows remote attackers to execute arbitrary code via unspecified vectors.

    Affected Products : vaio_media_server
    • EPSS Score: 30.33%
    • Published: Aug. 22, 2006
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2006-5375

    Multiple unspecified vulnerabilities in PeopleTools component in Oracle PeopleSoft Enterprise 8.46 GA, 8.47 GA, 8.48 GA, 8.46.15, 8.47.09, and 8.48.03 have unknown impact and remote attack vectors, aka Vuln# (1) PSE01, (2) PSE02, and (3) PSE03.

    • EPSS Score: 0.96%
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-5558

    Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details ...

    Affected Products : hp-ux
    • EPSS Score: 3.35%
    • Published: Oct. 27, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-5611

    Unspecified vulnerability in Toshiba Bluetooth Stack before 4.20.01 has unspecified impact and attack vectors, related to the 4.20.01(T) "Security fix." NOTE: due to the lack of details in the vendor advisory, it is not clear whether this issue is related...

    Affected Products : bluetooth_stack
    • EPSS Score: 0.39%
    • Published: Oct. 31, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-5675

    Multiple unspecified vulnerabilities in Pentaho Business Intelligence (BI) Suite before 1.2 RC3 (1.2.0.470-RC3) have unknown impact and attack vectors, related to "MySQL Scripts need changes for security," possibly SQL injection vulnerabilities associated...

    Affected Products : business_intelligence_suite
    • EPSS Score: 0.64%
    • Published: Nov. 03, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-5940

    Unspecified vulnerability in Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors related to "Integer Issues" and parsing of .EXE files.

    Affected Products : avg_antivirus
    • EPSS Score: 0.50%
    • Published: Nov. 16, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-5972

    Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless adapter (USB) allows remote attackers to execute arbitrary code via a long 802.11 beacon request.

    Affected Products : wg111v2_driver wg111v2
    • EPSS Score: 18.79%
    • Published: Nov. 18, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6055

    Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE).

    Affected Products : dwl-g132
    • EPSS Score: 4.09%
    • Published: Nov. 22, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6136

    IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) does not perform EAL4 authentication checks at the proper time during "registering of response operation," which has unknown impact and attack vectors.

    Affected Products : websphere_application_server
    • EPSS Score: 1.21%
    • Published: Nov. 28, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6135

    Multiple unspecified vulnerabilities in IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) have unknown impact and attack vectors, related to (1) a "Potential security vulnerability" (PK29725) and (2) "Potential security exposure" (PK30831...

    Affected Products : websphere_application_server
    • EPSS Score: 0.82%
    • Published: Nov. 28, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6270

    Multiple SQL injection vulnerabilities in ASPMForum allow remote attackers to execute arbitrary SQL commands via (1) the soruid parameter in forum2.asp, (2) the ak parameter in kullanicilistesi.asp, (3) the kelimeler parameter in aramayap.asp, and (4) the...

    Affected Products : aspmforum
    • EPSS Score: 0.43%
    • Published: Dec. 04, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6361

    Heap-based buffer overflow in the uploadprogress_php_rfc1867_file function in uploadprogress.c in Bitflux Upload Progress Meter before 8276 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted HTTP POST fileup...

    Affected Products : upload_progress_meter
    • EPSS Score: 2.45%
    • Published: Dec. 07, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6472

    The httpd.conf file in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 configures port 443 to be always active, which has unknown impact and remote attack vectors.

    Affected Products : workcentre
    • EPSS Score: 0.40%
    • Published: Dec. 11, 2006
    • Modified: Apr. 09, 2025
Showing 20 of 292516 Results