Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2007-1724

    Unspecified vulnerability in ReactOS 0.3.1 has unknown impact and attack vectors, related to a fix for "dozens of win32k bugs and failures," in which the fix itself introduces a vulnerability, possibly related to user-mode and kernel-mode copy failures.... Read more

    Affected Products : reactos
    • EPSS Score: %0.34
    • Published: Mar. 28, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1731

    Multiple stack-based buffer overflows in High Performance Anonymous FTP Server (hpaftpd) 1.01 allow remote attackers to execute arbitrary code via long arguments to the (1) USER, (2) PASS, (3) CWD, (4) MKD, (5) RMD, (6) DELE, (7) RNFR, or (8) RNTO FTP com... Read more

    Affected Products : hpaftpd
    • EPSS Score: %5.65
    • Published: Mar. 28, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1795

    JCcorp URLshrink 1.3.1 allows remote attackers to execute arbitrary PHP code via the email address field in an HTML link. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.... Read more

    Affected Products : urlshrink
    • EPSS Score: %2.66
    • Published: Apr. 02, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1821

    Sprint Nextel Sprint voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID).... Read more

    Affected Products : sprint_voice
    • EPSS Score: %1.43
    • Published: Apr. 02, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-1916

    Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be... Read more

    • EPSS Score: %9.37
    • Published: Apr. 10, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2036

    The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse... Read more

    • EPSS Score: %2.30
    • Published: Apr. 16, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2133

    Unspecified vulnerability in the PeopleSoft Enterprise Human Capital Management component in Oracle PeopleSoft Enterprise 8.9 has unknown impact and attack vectors, aka PSEHCM01.... Read more

    • EPSS Score: %1.12
    • Published: Apr. 18, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2333

    Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote at... Read more

    • EPSS Score: %2.41
    • Published: Apr. 27, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2372

    admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier prints a Location header but does not exit when administrative credentials are missing, which allows remote attackers to compose an e-mail message via a post with the subject, m... Read more

    Affected Products : phpmynewsletter
    • EPSS Score: %5.34
    • Published: Apr. 30, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2489

    Heap-based buffer overflow in LiveData Protocol Server 5.00.045, and other versions before update 500062 (5.00.062), allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted request for a WSDL file tha... Read more

    Affected Products : protocol_server
    • EPSS Score: %23.38
    • Published: May. 03, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2493

    PHP remote file inclusion vulnerability in faq.php in the FAQ & RULES 2.0.0 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.... Read more

    Affected Products : mxbb_faq mxbb_rules
    • EPSS Score: %3.55
    • Published: May. 04, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2503

    Directory traversal vulnerability in turbulence.php in PHP Turbulence 0.0.1 alpha allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tcore] parameter. NOTE: this vulnerability is disputed by CVE and a r... Read more

    Affected Products : php_turbulence
    • EPSS Score: %3.84
    • Published: May. 04, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2713

    ifdate 2.x sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request for the admin/ URI.... Read more

    Affected Products : ifdate
    • EPSS Score: %2.04
    • Published: May. 16, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2714

    Unspecified vulnerability in akismet.php in Matt Mullenweg Akismet before 2.0.2, a WordPress plugin, has unknown impact and attack vectors.... Read more

    Affected Products : akismet
    • EPSS Score: %14.45
    • Published: May. 16, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2755

    The PrecisionID Barcode 1.9 ActiveX control in PrecisionID_Barcode.dll, when Internet Explorer 6 is used, allows remote attackers to overwrite arbitrary files via a full pathname to the SaveToFile function, a different vulnerability than CVE-2007-2744.... Read more

    Affected Products : precisionid_barcode
    • EPSS Score: %7.76
    • Published: May. 17, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2776

    AlstraSoft Template Seller Pro 3.25 and earlier sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject a credential variable setting and obtain administrative access via a... Read more

    Affected Products : template_seller
    • EPSS Score: %1.35
    • Published: May. 21, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2853

    The VCDAPILibApi ActiveX control in vc9api.DLL 9.0.0.57 in Virtual CD 9.0.0.2 allows remote attackers to execute arbitrary commands via a command line in the first argument to the VCDLaunchAndWait function.... Read more

    • EPSS Score: %4.39
    • Published: May. 24, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2938

    Buffer overflow in the BaseRunner ActiveX control in the Ademco ATNBaseLoader100 Module (ATNBaseLoader100.dll) 5.4.0.6, when Internet Explorer 6 is used, allows remote attackers to execute arbitrary code via a long argument to the (1) Send485CMD method, a... Read more

    • EPSS Score: %57.35
    • Published: May. 31, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2863

    Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a long filename in a .CAB file.... Read more

    • EPSS Score: %54.11
    • Published: Jun. 06, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-3357

    NetClassifieds Premium Edition does not use encryption for (1) stored passwords or (2) sensitive data, which might allow attackers to obtain information via certain vectors.... Read more

    Affected Products : netclassifieds
    • EPSS Score: %0.18
    • Published: Jun. 22, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 292516 Results