Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2012-5863

    These Sinapsi devices do not check for special elements in commands sent to the system. By accessing certain pages with administrative privileges that do not require authentication within the device, attackers can execute arbitrary, unexpected, or dang... Read more

    • Published: Nov. 23, 2012
    • Modified: Jul. 08, 2025

  • 10.0

    HIGH
    CVE-2018-0694

    FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors.... Read more

    Affected Products : filezen
    • Published: Nov. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2008-7228

    Multiple format string vulnerabilities in White_Dune before 0.29beta851 have unspecified impact and attack vectors, a different vulnerability than CVE-2008-0101.... Read more

    Affected Products : white_dune
    • Published: Sep. 14, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2012-6046

    Static code injection vulnerability in admin/banners.php in PHP Enter allows remote attackers to inject arbitrary PHP code into horad.php via the code parameter.... Read more

    Affected Products : php_enter
    • Published: Nov. 27, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-10170

    NordVPN 6.12.7.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "nordvpn-service" service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly expose... Read more

    Affected Products : nordvpn
    • Published: Apr. 16, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-9285

    Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010... Read more

    • Published: Apr. 04, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-8661

    The SAP CRM Internet Sales module allows remote attackers to execute arbitrary commands via unspecified vectors.... Read more

    • Published: Nov. 06, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2017-6548

    Buffer overflows in networkmap on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, and RT-... Read more

    Affected Products : rt-ac53_firmware rt-ac53
    • Published: Mar. 09, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2018-11949

    Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM89... Read more

    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-1010298

    Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later.... Read more

    Affected Products : op-tee
    • Published: Jul. 15, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-8415

    An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom telnet daemon as a part of the busybox and retrieves the password from the shadow file using the function getspnam at address 0x00053894. Then performs a crypt operat... Read more

    • Published: Jul. 02, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-8957

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.... Read more

    Affected Products : intelligent_management_center
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-14078

    Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to reset the admin password via the /ConfigWizard/ChangePwd.esp?2admin URL (Attackers can login using the "admin" username with password "admin" after a successful attack).... Read more

    Affected Products : smart_hp_wmt
    • Published: Aug. 20, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-9483

    The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows Network Processor (NP) Linux users to obtain root access to the Application Processor (AP) Linux system via shell metacharacters in commands... Read more

    • Published: Jul. 31, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2009-1592

    Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long banner. NOTE: this might overlap CVE-2003-1368.... Read more

    Affected Products : 32bit_ftp
    • Published: May. 08, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2019-11949

    A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.... Read more

    Affected Products : intelligent_management_center
    • Published: Jun. 05, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-8768

    Atlassian SourceTree v2.5c and prior are affected by a command injection in the handling of the sourcetree:// scheme. It will lead to arbitrary OS command execution with a URL substring of sourcetree://cloneRepo/ext:: or sourcetree://checkoutRef/ext:: fol... Read more

    Affected Products : sourcetree
    • Published: May. 04, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2010-2102

    Buffer overflow in Webby Webserver 1.01 allows remote attackers to execute arbitrary code via a long HTTP GET request.... Read more

    Affected Products : webby_webserver
    • Published: May. 27, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-1745

    Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, has a default root password hash, and permits password-based root logins over SSH, which makes it easier for remote attackers to obtain access.... Read more

    Affected Products : profense_web_application_firewall
    • Published: May. 21, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4631

    Stack-based buffer overflow in the Message::AddToString function in message/Message.cpp in MUSCLE before 4.40 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted message. NOTE: some of these deta... Read more

    Affected Products : muscle
    • Published: Oct. 21, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 292812 Results