Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2021-22502

    Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server.... Read more

    Affected Products : operation_bridge_reporter
    • Actively Exploited
    • Published: Feb. 08, 2021
    • Modified: Mar. 12, 2025

  • 10.0

    HIGH
    CVE-2019-19839

    emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute.... Read more

    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-13285

    In SvoxSsmlParser and startElement of svox_ssml_parser.cpp, there is a possible out of bounds write due to an uninitialized buffer. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User in... Read more

    Affected Products : android
    • Published: Apr. 04, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-0434

    The server in Crowbar, as used in SUSE Cloud 1.0, uses weak permissions for the production.log file, which has unspecified impact and attack vectors.... Read more

    Affected Products : suse_cloud
    • Published: Dec. 02, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2021-26588

    A potential security vulnerability has been identified in HPE 3PAR StoreServ, HPE Primera Storage and HPE Alletra 9000 Storage array firmware. An unauthenticated user could remotely exploit the low complexity issue to execute code as administrator. This v... Read more

    • Published: Oct. 11, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-19138

    Unrestricted Upload of File with Dangerous Type in DotCMS v5.2.3 and earlier allow remote attackers to execute arbitrary code via the component "/src/main/java/com/dotmarketing/filters/CMSFilter.java".... Read more

    Affected Products : dotcms
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2025-53577

    Improper Control of Generation of Code ('Code Injection') vulnerability in thehp Global DNS allows Remote Code Inclusion. This issue affects Global DNS: from n/a through 3.1.0.... Read more

    Affected Products :
    • Published: Aug. 20, 2025
    • Modified: Aug. 20, 2025

  • 10.0

    HIGH
    CVE-2000-0040

    glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command.... Read more

    Affected Products : glftpd
    • Published: Dec. 23, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0577

    Netscape Professional Services FTP Server 1.3.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.... Read more

    Affected Products : professional_services_ftpserver
    • Published: Jun. 21, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0677

    Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable.... Read more

    Affected Products : net.data
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0181

    Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands.... Read more

    • Published: Mar. 26, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0538

    Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and earlier allows remote attackers to execute arbitrary commands via a malicious HTML e-mail message or web page.... Read more

    Affected Products : outlook
    • Published: Aug. 14, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-4732

    Unspecified vulnerability in Microsoft Visual Basic (VB) 6 has an unknown impact ("overflow") via a project that contains a certain Click event procedure, as demonstrated using the msgbox function and the VB.Label object.... Read more

    Affected Products : visual_basic
    • Published: Sep. 13, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-5268

    Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors related to obtaining "administrative access to the RPC interface."... Read more

    Affected Products : serverprotect serverprotect
    • Published: Nov. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-1999-0364

    Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data.... Read more

    Affected Products : access total_vb_sourcebook
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0465

    Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter.... Read more

    Affected Products :
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-2446

    GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite account that cannot be changed without disabling product functionality for remote InSite support, which has unspecified impact and attack vectors.... Read more

    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-1999-0577

    A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.... Read more

    Affected Products : windows_nt
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0601

    A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets.... Read more

    Affected Products :
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0663

    A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.... Read more

    Affected Products :
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 292795 Results