Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2014-9994

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, lack of validation of input could cause an integer overflow that could subsequently lead to a buffer overflow....

    • EPSS Score: %0.23
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-9531

    The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to port 5454. This could allow an unauthenticated, remote attacker to connect to this port via Telnet and execute 86 Attention (AT) commands, inclu...

    Affected Products : explorer_710_firmware explorer_710
    • EPSS Score: %1.59
    • Published: Oct. 10, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2024-42467

    openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. Prior to version 4.2.1, the proxy endpoint of openHAB's CometVisu add-on can be accessed without authentication. This proxy-feature can ...

    Affected Products : openhab openhab_web_interface
    • Published: Aug. 12, 2024
    • Modified: Aug. 29, 2024
  • 10.0

    HIGH
    CVE-2015-0117

    The LDAP Server in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, aka SPR KLYH9SLRGM....

    Affected Products : lotus_domino domino
    • EPSS Score: %17.51
    • Published: Apr. 06, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    CRITICAL
    CVE-2020-26822

    SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Outside Discovery Configuration Service, this has an impact to the integrity and availability of ...

    Affected Products : solution_manager
    • EPSS Score: %0.81
    • Published: Nov. 10, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2020-6143

    A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The password variable which is set at line 122 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can sen...

    Affected Products : opensis
    • EPSS Score: %10.78
    • Published: Sep. 01, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2011-3142

    Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.53 allows remote attackers to execute arbitrary code via a long second argument to the ValidateUser method....

    Affected Products : kinghistorian kingview
    • EPSS Score: %39.50
    • Published: Aug. 16, 2011
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2020-0252

    There is a possible memory corruption due to a use after free. Product: Android. Versions: Android SoC. Android ID: A-152236803...

    Affected Products : android
    • EPSS Score: %0.20
    • Published: Aug. 11, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-24260

    A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator level....

    Affected Products : voipmonitor
    • EPSS Score: %89.74
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2024-50494

    Unrestricted Upload of File with Dangerous Type vulnerability in Amin Omer Sudan Payment Gateway for WooCommerce allows Upload a Web Shell to a Web Server. This issue affects Sudan Payment Gateway for WooCommerce: from n/a through 1.2.2....

    Affected Products :
    • Published: Oct. 29, 2024
    • Modified: Oct. 29, 2024
  • 10.0

    CRITICAL
    CVE-2018-1000644

    Eclipse RDF4j version < 2.4.0 Milestone 2 contains an XML External Entity (XXE) vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This ...

    Affected Products : rdf4j
    • EPSS Score: %0.38
    • Published: Aug. 20, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2024-52379

    Unrestricted Upload of File with Dangerous Type vulnerability in Kinetic Innovative Technologies Sdn Bhd kineticPay for WooCommerce allows Upload a Web Shell to a Web Server. This issue affects kineticPay for WooCommerce: from n/a through 2.0.8....

    Affected Products :
    • Published: Nov. 14, 2024
    • Modified: Nov. 15, 2024
  • 10.0

    CRITICAL
    CVE-2025-32510

    Unrestricted Upload of File with Dangerous Type vulnerability in Ovatheme Ovatheme Events Manager allows Using Malicious Files. This issue affects Ovatheme Events Manager: from n/a through 1.8.4....

    Affected Products :
    • Published: Jun. 17, 2025
    • Modified: Jul. 30, 2025
  • 10.0

    CRITICAL
    CVE-2020-8974

    In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusab...

    • EPSS Score: %0.09
    • Published: Oct. 17, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-25451

    Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the setstaticroutecfg function....

    Affected Products : ac6_firmware ac6
    • EPSS Score: %0.39
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-25452

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the URLs parameter in the saveParentControlInfo function....

    Affected Products : ac6_firmware ac6
    • EPSS Score: %0.39
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-29127

    An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user (using any web browser), the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid={XXXXXXXXXX}&csppa...

    • EPSS Score: %0.54
    • Published: Nov. 30, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2021-32637

    Authelia is a single sign-on multi-factor portal for web apps. This affects users who are using nginx ngx_http_auth_request_module with Authelia, it allows a malicious individual who crafts a malformed HTTP request to bypass the authentication mechanism....

    Affected Products : authelia
    • EPSS Score: %0.53
    • Published: May. 28, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2013-0366

    Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a diff...

    Affected Products : database_mobile/lite_server
    • EPSS Score: %2.95
    • Published: Jan. 17, 2013
    • Modified: Apr. 11, 2025
  • 10.0

    CRITICAL
    CVE-2024-23621

    A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution....

    Affected Products : merge_efilm_workstation
    • EPSS Score: %0.94
    • Published: Jan. 26, 2024
    • Modified: Nov. 21, 2024
Showing 20 of 292316 Results