Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, by whether it is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-1999-0385

    The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands....

    Affected Products : exchange_server
    • EPSS Score: %9.00
    • Published: Dec. 01, 1998
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-1999-0560

    A system-critical Windows NT file or directory has inappropriate permissions....

    Affected Products : windows_nt
    • EPSS Score: %2.57
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-1999-0568

    rpc.admind in Solaris is not running in a secure mode....

    Affected Products : solaris
    • EPSS Score: %0.48
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2006-6454

    execInBackground.php in J-OWAMP Web Interface 2.1b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters to the (1) exe and (2) args parameters, which are used in an exec function call. NOTE: the provenance of this in...

    Affected Products : web_interface
    • EPSS Score: %3.16
    • Published: Dec. 10, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-1999-0798

    Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type....

    • EPSS Score: %0.51
    • Published: Dec. 04, 1998
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-1999-0977

    Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request....

    Affected Products : solaris sunos
    • EPSS Score: %5.89
    • Published: Dec. 10, 1999
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2006-6713

    Buffer overflow in Hitachi Directory Server 2 P-2444-A124 before 02-11-/K on Windows, and P-1B44-A121 before 02-10-/V on HP-UX, allows remote attackers to execute arbitrary code via crafted LDAP requests....

    Affected Products : hitachi_directory_server_2
    • EPSS Score: %7.62
    • Published: Dec. 23, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-7052

    Multiple PHP remote file inclusion vulnerabilities in DotWidget For Articles (dotwidgeta) 0.2 allow remote attackers to execute arbitrary code via a URL in the (1) file_path parameter to (a) index.php, (b) showcatpicks.php, and (c) showarticle.php; and th...

    Affected Products : dotwidget_for_articles
    • EPSS Score: %3.36
    • Published: Feb. 24, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-7136

    Multiple PHP remote file inclusion vulnerabilities in PHP Poll Creator (phpPC) 1.04 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the relativer_pfad parameter to (1) poll.php, (2) poll_kommentar.php, and (3) poll_sm.php, di...

    Affected Products : php_poll_creator
    • EPSS Score: %2.26
    • Published: Mar. 07, 2007
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2000-0348

    A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges....

    Affected Products : unixware
    • EPSS Score: %0.46
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-0370

    The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command....

    Affected Products : openlinux
    • EPSS Score: %1.90
    • Published: Jan. 29, 1999
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2003-1495

    Unspecified vulnerability in the non-SSL web agent in various HP Management Agent products allows local users or remote attackers to gain privileges or cause a denial of service via unknown attack vectors....

    • EPSS Score: %0.72
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2004-0286

    Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long username....

    Affected Products : robotftp_server
    • EPSS Score: %11.65
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-0854

    When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same dir...

    Affected Products : office
    • EPSS Score: %37.31
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-0954

    Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server....

    Affected Products : shambala_server
    • EPSS Score: %0.40
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2004-0540

    Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly 8 characters long, does not prevent users with expired passwords from logging on to the domain....

    Affected Products : windows_2000
    • EPSS Score: %22.68
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2004-0543

    Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries....

    Affected Products : e-business_suite applications
    • EPSS Score: %6.03
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-1126

    Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier allows remote attackers to execute arbitrary commands or cause a denial of service....

    Affected Products : hp-ux
    • EPSS Score: %0.84
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2004-0742

    Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view....

    Affected Products : java_system_calendar_server
    • EPSS Score: %1.04
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2007-1631

    PHP remote file inclusion vulnerability in signup.php in CLBOX 1.01 allows remote attackers to execute arbitrary PHP code via a URL in the header parameter. NOTE: this issue has been disputed by a reliable third party, stating that header is defined thro...

    Affected Products : clbox
    • EPSS Score: %1.01
    • Published: Mar. 23, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 292522 Results