Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-1999-0775

    Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.... Read more

    Affected Products : ios
    • EPSS Score: %1.10
    • Published: Jun. 10, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0876

    Buffer overflow in Internet Explorer 4.0 via EMBED tag.... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %24.14
    • Published: Jan. 04, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2020-13841

    An issue was discovered on LG mobile devices with Android OS 9 and 10 (MTK chipsets). An AT command handler allows attackers to bypass intended access restrictions. The LG ID is LVE-SMP-200009 (June 2020).... Read more

    Affected Products : android g6 q6 q8 v20 v30 x_cam x300 x400 x500 +25 more products
    • EPSS Score: %0.16
    • Published: Jun. 05, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2003-0745

    SNMPc 6.0.8 and earlier performs authentication to the server on the client side, which allows remote attackers to gain privileges by decrypting the password that is returned by the server.... Read more

    Affected Products : snmpc
    • EPSS Score: %0.87
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0755

    Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitrary code by creating long directory names and listing them with a LIST command.... Read more

    Affected Products : gtkftp
    • EPSS Score: %4.46
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-1584

    Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerab... Read more

    Affected Products : sunos openwindows
    • EPSS Score: %0.48
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1202

    The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username.... Read more

    Affected Products : omail_webmail
    • EPSS Score: %4.04
    • Published: Aug. 19, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0757

    The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed.... Read more

    Affected Products : totalbill
    • EPSS Score: %1.91
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0297

    Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via an LDAP message with a large tag len... Read more

    Affected Products : imail
    • EPSS Score: %56.96
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0827

    Buffer overflow in the web authorization form of Mobius DocumentDirect for the Internet 1.2 allows remote attackers to cause a denial of service or execute arbitrary commands via a long username.... Read more

    Affected Products : documentdirect_for_the_internet
    • EPSS Score: %3.16
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0844

    Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.... Read more

    • EPSS Score: %0.89
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0848

    Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header.... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %8.47
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-1039

    Unspecified vulnerability in Peanut Knowledge Base (PeanutKB) 0.0.3 and earlier has unknown impact and attack vectors.... Read more

    Affected Products : peanut_knowledge_base
    • EPSS Score: %0.39
    • Published: Feb. 21, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2001-0070

    Buffer overflow in 1st Up Mail Server 4.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long MAIL FROM command.... Read more

    Affected Products : 1st_up_mail_server
    • EPSS Score: %2.76
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-1569

    Stack-based buffer overflow in NewsBin Pro 4.32 allows remote attackers to cause a denial of service or execute arbitrary code via a yEnc (yEncode) encoded article with a long filename, as demonstrated using a .nzb file. NOTE: some of these details are o... Read more

    Affected Products : newsbin_pro
    • EPSS Score: %9.25
    • Published: Mar. 21, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1620

    Multiple PHP remote file inclusion vulnerabilities in PHP DB Designer 1.02 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SESSION[SITE_PATH] parameter to (a) wind/help.php or (b) wind/about.php, or the (2) _SESSION[... Read more

    Affected Products : php_db_designer
    • EPSS Score: %4.69
    • Published: Mar. 23, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2004-1301

    Buffer overflow in the book_format_sql function in format.c for xlreader 0.9.0 allows remote attackers to execute arbitrary code via a crafted Excel (XLS) file.... Read more

    Affected Products : xlreader
    • EPSS Score: %5.03
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-1699

    Multiple PHP remote file inclusion vulnerabilities in the SWmenu (com_swmenupro and com_swmenufree) 4.0 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to ImageManager... Read more

    Affected Products : swmenu_component swmenu_component
    • EPSS Score: %0.24
    • Published: Mar. 27, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2367

    Buffer overflow in wserve_console.exe in Wserve HTTP Server (whttp) 4.6 allows remote attackers to cause a denial of service (forced application exit) via a long directory name in the URI.... Read more

    Affected Products : wserve_http_server
    • EPSS Score: %3.01
    • Published: Apr. 30, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2127

    Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.0 have unknown impact and remote attack vectors via (1) Application Object Library (APPS04), iStore (2) APPS05 and (3) APPS06, (4) iSupport (APPS07), (5) Trade Management (APPS09), (6) A... Read more

    Affected Products : e-business_suite
    • EPSS Score: %1.12
    • Published: Apr. 18, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 292316 Results