Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2019-15068

    A broken access control vulnerability in Smart Battery A4, a multifunctional portable charger, firmware version <= r1.7.9 allows an attacker to get/reset administrator’s password without any authentication....

    • EPSS Score: %0.30
    • Published: Sep. 25, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2019-15066

    An “invalid command” handler issue was discovered in HiNet GPON firmware < I040GWR190731. It allows an attacker to execute arbitrary command through port 6998. CVSS 3.0 Base score 10.0. CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)....

    Affected Products : gpon_firmware gpon
    • EPSS Score: %0.44
    • Published: Oct. 17, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-46315

    Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetWizardConfig.php in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. Malicious users can use this vulnerability to use "\ " or backticks in the shell me...

    Affected Products : dir-846_firmware dir-846
    • EPSS Score: %26.25
    • Published: Feb. 17, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2012-1389

    Unspecified vulnerability in the Di Long Weibo (com.icekirin.weibos) application 1.9.9 for Android has unknown impact and attack vectors....

    Affected Products : android di_long_weibo
    • EPSS Score: %0.43
    • Published: Mar. 07, 2012
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2024-3272

    ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of th...

    • Actively Exploited
    • Published: Apr. 04, 2024
    • Modified: Nov. 29, 2024
  • 10.0

    CRITICAL
    CVE-2023-51409

    Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot. This issue affects AI Engine: ChatGPT Chatbot: from n/a through 1.9.98....

    Affected Products : ai_engine ai_engine
    • Published: Apr. 12, 2024
    • Modified: Apr. 08, 2025
  • 10.0

    HIGH
    CVE-2008-4673

    PHP remote file inclusion vulnerability in panel/common/theme/default/header_setup.php in WebBiscuits Software Events Calendar 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the (1) path[docroot] and (2) component parameters....

    Affected Products : events_calendar
    • EPSS Score: %2.48
    • Published: Oct. 22, 2008
    • Modified: Apr. 09, 2025
  • 10.0

    CRITICAL
    CVE-2020-6144

    A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The username variable which is set at line 121 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can sen...

    Affected Products : opensis
    • EPSS Score: %10.78
    • Published: Sep. 01, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-33936

    Cloud Mobility for Dell EMC Storage, 1.3.0.XXX contains a RCE vulnerability. A non-privileged user could potentially exploit this vulnerability, leading to achieving a root shell. This is a critical issue; so Dell recommends customers to upgrade at the ea...

    • EPSS Score: %0.43
    • Published: Jul. 07, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-2244

    Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Sna...

    • EPSS Score: %0.33
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-2252

    Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

    • EPSS Score: %1.20
    • Published: Sep. 30, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-2045

    In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation...

    Affected Products : android
    • EPSS Score: %0.87
    • Published: May. 08, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-2047

    In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation...

    Affected Products : android
    • EPSS Score: %0.87
    • Published: May. 08, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2014-9198

    The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session....

    • EPSS Score: %0.68
    • Published: Jan. 27, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2020-24651

    A syslogtempletselectwin expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07)....

    Affected Products : intelligent_management_center
    • EPSS Score: %2.83
    • Published: Oct. 19, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2012-6660

    GE Healthcare Precision MPi has a password of (1) orion for the serviceapp user, (2) orion for the clinical operator user, and (3) PlatinumOne for the administrator user, which has unspecified impact and attack vectors. NOTE: it is not clear whether thes...

    Affected Products : precision_mpi
    • EPSS Score: %0.57
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2009-2026

    Stack-based buffer overflow in a token searching function in the dtscore library in Data Transport Services in CA Software Delivery r11.2 C1, C2, C3, and SP4; Unicenter Software Delivery 4.0 C3; CA Advantage Data Transport 3.0 C1; and CA IT Client Manager...

    • EPSS Score: %25.56
    • Published: Aug. 10, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2012-5196

    Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors....

    Affected Products : condor
    • EPSS Score: %0.78
    • Published: Sep. 28, 2012
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2021-20716

    Hidden functionality in multiple Buffalo network devices (BHR-4RV firmware Ver.2.55 and prior, FS-G54 firmware Ver.2.04 and prior, WBR2-B11 firmware Ver.2.32 and prior, WBR2-G54 firmware Ver.2.32 and prior, WBR2-G54-KD firmware Ver.2.32 and prior, WBR-B11...

    • EPSS Score: %3.03
    • Published: Apr. 28, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2007-6097

    Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are "incorrectly accepted."...

    Affected Products : ingate_firewall ingate_siparator
    • EPSS Score: %0.34
    • Published: Nov. 22, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 292517 Results