Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2018-5723

    MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account.... Read more

    • EPSS Score: %38.03
    • Published: Jan. 16, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2023-3765

    Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0.... Read more

    Affected Products : windows mlflow
    • EPSS Score: %92.79
    • Published: Jul. 19, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-13696

    A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit ... Read more

    Affected Products : dupscout syncbreeze diskpulse disksavvy
    • EPSS Score: %76.92
    • Published: Jan. 24, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-5701

    In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.... Read more

    Affected Products : system_shield
    • EPSS Score: %19.66
    • Published: Jan. 31, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-6569

    West Wind Web Server 6.x does not require authentication for /ADMIN.ASP.... Read more

    Affected Products : web_connection
    • EPSS Score: %0.38
    • Published: Feb. 06, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-6289

    Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1.... Read more

    Affected Products : secure_mail_gateway
    • EPSS Score: %2.39
    • Published: Feb. 06, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-6822

    In PureVPN 6.0.1 on macOS, HelperTool LaunchDaemon implements an unprotected XPC service that can be abused to execute system commands as root.... Read more

    Affected Products : purevpn
    • EPSS Score: %0.36
    • Published: Feb. 07, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-1161

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.2.0.13. Authentication is not required to exploit this vulnerability. The specific flaw exists within nvwsworker.exe. When parsing... Read more

    Affected Products : netvault_backup
    • EPSS Score: %51.49
    • Published: Feb. 08, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-2166

    IBM XIV Storage System 2810-A14 and 2812-A14 devices before level 10.2.4.e-2 and 2810-114 and 2812-114 devices before level 11.1.1 have hardcoded passwords for unspecified accounts, which allows remote attackers to gain user access via unknown vectors. IB... Read more

    • EPSS Score: %3.15
    • Published: Feb. 08, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-6825

    An issue was discovered on VOBOT CLOCK before 0.99.30 devices. An SSH server exists with a hardcoded vobot account that has root access.... Read more

    Affected Products : vobot_firmware vobot
    • EPSS Score: %1.04
    • Published: Feb. 09, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-6292

    Remote Code Execution in Saperion Web Client version 7.5.2 83166.... Read more

    Affected Products : saperion_web_client
    • EPSS Score: %3.76
    • Published: Feb. 13, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5804

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %55.25
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5805

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %58.23
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5806

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %58.23
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5824

    An unauthenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.... Read more

    Affected Products : aruba_clearpass_policy_manager
    • EPSS Score: %26.55
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-8981

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506 was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %17.05
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-14910

    In Snapdragon Automobile, Snapdragon IoT and Snapdragon Mobile MDM9206 MDM9607, MDM9650, S820A, S820Am, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 835, and SD 845, a buffer overread is possible... Read more

    • EPSS Score: %0.27
    • Published: Feb. 23, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-11632

    An issue was discovered on Wireless IP Camera 360 devices. A root account with a known SHA-512 password hash exists, which makes it easier for remote attackers to obtain administrative access via a TELNET session.... Read more

    Affected Products : wireless_ip_camera_360
    • EPSS Score: %2.59
    • Published: Feb. 26, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2023-4744

    A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is the function formSetDeviceName. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. Th... Read more

    Affected Products : ac8_firmware ac8
    • EPSS Score: %0.46
    • Published: Sep. 04, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-6530

    OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and pre... Read more

    • Actively Exploited
    • EPSS Score: %93.89
    • Published: Mar. 06, 2018
    • Modified: Apr. 03, 2025
Showing 20 of 290979 Results