Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV List), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2007-6097

    Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are "incorrectly accepted."...

    Affected Products : ingate_firewall ingate_siparator
    • EPSS Score: 0.34%
    • Published: Nov. 22, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    CRITICAL
    CVE-2020-14516

    In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly....

    Affected Products : factorytalk_services_platform
    • EPSS Score: 0.18%
    • Published: Mar. 18, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2015-3871

    libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23031033....

    Affected Products : android
    • EPSS Score: 1.47%
    • Published: Oct. 06, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2019-10538

    Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...

    • EPSS Score: 0.33%
    • Published: Sep. 30, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2013-4798

    Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705....

    Affected Products : loadrunner
    • EPSS Score: 82.92%
    • Published: Jul. 29, 2013
    • Modified: Apr. 11, 2025
  • 10.0

    CRITICAL
    CVE-2019-10686

    An SSRF vulnerability was found in an API from Ctrip Apollo through 1.4.0-SNAPSHOT. An attacker may use it to do an intranet port scan or raise a GET request via /system-info/health because the %23 substring is mishandled....

    Affected Products : apollo
    • EPSS Score: 0.35%
    • Published: Apr. 01, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2015-4031

    Directory traversal vulnerability in saveFile.jsp in the development installation in Visual Mining NetChart allows remote attackers to write to arbitrary files via unspecified vectors....

    Affected Products : netcharts_server
    • EPSS Score: 40.63%
    • Published: May. 29, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2021-32941

    Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (r...

    Affected Products : n48pbb_firmware n48pbb
    • EPSS Score: 1.55%
    • Published: May. 23, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2010-3491

    The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator components in TIBCO ActiveMatrix Service Grid before 2.3.1, ActiveMatrix Service Bus before 2.3.1, ActiveMatrix BusinessWorks Service Engine before 5.8.1, and ActiveMatrix Service Performance...

    • EPSS Score: 6.03%
    • Published: Oct. 26, 2010
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2011-4908

    TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php....

    Affected Products : tinybrowser
    • EPSS Score: 61.85%
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-17506

    There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVICES in conjuncti...

    • EPSS Score: 92.50%
    • Published: Oct. 11, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2023-25970

    Unrestricted Upload of File with Dangerous Type vulnerability in Zendrop Zendrop – Global Dropshipping. This issue affects Zendrop – Global Dropshipping: from n/a through 1.0.0. ...

    Affected Products : zendrop
    • EPSS Score: 0.31%
    • Published: Dec. 20, 2023
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-17526

    An issue was discovered in SageMath Sage Cell Server through 2019-10-05. Python Code Injection can occur in the context of an internet facing web application. Malicious actors can execute arbitrary commands on the underlying operating system, as demonstra...

    Affected Products : sagemathcell
    • EPSS Score: 0.64%
    • Published: Oct. 18, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-7233

    KMS Controls BAC-A1616BC BACnet devices have a cleartext password of snowman in the BACKDOOR_NAME variable in the BC_Logon.swf file....

    Affected Products : bac-a1616bc_firmware bac-a1616bc
    • EPSS Score: 0.39%
    • Published: Jan. 19, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2019-18200

    An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, they are prone to keystroke injection attacks....

    Affected Products : lx390_firmware lx390
    • EPSS Score: 0.33%
    • Published: Oct. 24, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2012-6298

    Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to execute arbitrary commands or modify data via unknown vectors....

    Affected Products : identityminder
    • EPSS Score: 2.60%
    • Published: Dec. 26, 2012
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2019-10493

    Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C, MDM9607, ...

    • EPSS Score: 0.33%
    • Published: Dec. 12, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2013-7105

    Buffer overflow in the Interstage HTTP Server log functionality, as used in Fujitsu Interstage Application Server 9.0.0, 9.1.0, 9.2.0, 9.3.1, and 10.0.0; and Interstage Studio 9.0.0, 9.1.0, 9.2.0, and 10.0.0, has unspecified impact and attack vectors rela...

    • EPSS Score: 0.42%
    • Published: Dec. 14, 2013
    • Modified: Apr. 11, 2025
  • 10.0

    HIGH
    CVE-2017-11420

    Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC5...

    • EPSS Score: 10.61%
    • Published: Jul. 18, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    HIGH
    CVE-2019-2320

    Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdra...

    • EPSS Score: 0.33%
    • Published: Dec. 12, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292735 Results