Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2004-1993

    The patch to the checklogin function in omail.pl for omail webmail 0.98.5 is incomplete, which allows remote attackers to execute arbitrary commands via shell metacharacters such as "`" (backticks) in the password.... Read more

    Affected Products : omail_webmail
    • EPSS Score: %1.94
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-2712

    Unspecified vulnerability in MH Software Connect Daily before 3.3.3 has unknown impact and attack vectors.... Read more

    Affected Products : connect_daily
    • EPSS Score: %0.61
    • Published: May. 16, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2783

    Unspecified vulnerability in Rational Soft Hidden Administrator 1.7 and earlier allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors. NOTE: this issue has no actionable information, and perhaps should not be... Read more

    Affected Products : hidden_administrator
    • EPSS Score: %7.68
    • Published: May. 21, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2848

    Stack-based buffer overflow in the SetPath function in the shComboBox ActiveX control (shcmb80.ocx) in Sky Software Shell MegaPack ActiveX 8.0 allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information... Read more

    • EPSS Score: %5.77
    • Published: May. 24, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2004-2281

    Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3.... Read more

    Affected Products : lotus_notes notes
    • EPSS Score: %0.49
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2019-12289

    An issue was discovered in upgrade_firmware.cgi on VStarcam 100T (C7824WIP) CH-sys-48.53.75.119~123 and 200V (C38S) CH-sys-48.53.203.119~123 devices. A remote command can be executed through a system firmware update without authentication. The attacker ca... Read more

    • EPSS Score: %0.59
    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2002-0432

    Buffer overflow in (1) lprintf and (2) cprintf in sysdep.c of Citadel/UX 5.90 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attacks such as a long HELO command to the SMTP server.... Read more

    Affected Products : ux
    • EPSS Score: %5.99
    • Published: Jul. 26, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0489

    Linux Directory Penguin NsLookup CGI script (nslookup.pl) 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the (1) query or (2) type parameters.... Read more

    Affected Products : nslookup
    • EPSS Score: %3.55
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0490

    Instant Web Mail before 0.60 does not properly filter CR/LF sequences, which allows remote attackers to (1) execute arbitrary POP commands via the id parameter in message.php, or (2) modify certain mail message headers via numerous parameters in write.php... Read more

    Affected Products : instant_web_mail
    • EPSS Score: %2.26
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0801

    Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file.... Read more

    Affected Products : jrun jrun
    • EPSS Score: %39.60
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-4050

    Unspecified vulnerability in WebUI in ADempiere Bazaar before 3.3 beta Victoria edition allows remote attackers to access system-level windows via unspecified vectors.... Read more

    Affected Products : bazaar
    • EPSS Score: %3.34
    • Published: Jul. 30, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-4338

    index.php in Ryan Haudenschilt Family Connections (FCMS) before 0.9 allows remote attackers to access an arbitrary account by placing the account's name in the value of an fcms_login_id cookie. NOTE: this can be leveraged for code execution via a POST wi... Read more

    Affected Products : family_connections_cms
    • EPSS Score: %37.36
    • Published: Aug. 14, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2002-2218

    CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) before 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a ... Read more

    Affected Products : sips
    • EPSS Score: %0.39
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-5391

    Unspecified vulnerability in HP Select Identity 4.01 through 4.01.010 and 4.10 through 4.13.001 allows remote attackers to obtain unspecified access via unknown vectors.... Read more

    Affected Products : select_identity
    • EPSS Score: %4.10
    • Published: Oct. 12, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2005-2023

    The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail.... Read more

    Affected Products : suse_linux
    • EPSS Score: %0.47
    • Published: Jun. 17, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-2222

    Unknown vulnerability in the HTTPMail service in MailEnable Professional before 1.6 has unknown impact and attack vectors.... Read more

    Affected Products : mailenable_professional
    • EPSS Score: %0.47
    • Published: Jul. 12, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0240

    The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).... Read more

    • EPSS Score: %22.36
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0374

    Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a different set of vulnerabilities than those identified by CVE-2003-0372 and CVE-2003-0373, aka "similar issues in other nasl functions as well as in libnessus."... Read more

    Affected Products : nessus
    • EPSS Score: %0.47
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-5053

    PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader (com_rssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.... Read more

    Affected Products : joomla com_rssreader
    • EPSS Score: %0.47
    • Published: Nov. 13, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-2963

    TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (cra... Read more

    Affected Products : movicon
    • EPSS Score: %8.93
    • Published: Jul. 29, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 292316 Results