Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2014-9956

    An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36389611.... Read more

    Affected Products : android
    • EPSS Score: %0.58
    • Published: Apr. 04, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-1171

    Stack-based buffer overflow in GSM SIM Utility (aka SIM Card Editor) 6.6 allows remote attackers to execute arbitrary code via a long entry in a .sms file.... Read more

    Affected Products : sim_card_editor
    • EPSS Score: %76.87
    • Published: Aug. 28, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-7915

    Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network.... Read more

    Affected Products : moduweb_vision
    • EPSS Score: %0.76
    • Published: Feb. 06, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2017-13284

    In config_set_string of config.cc, it is possible to pair a second BT keyboard without user approval due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is no... Read more

    Affected Products : android
    • EPSS Score: %1.23
    • Published: Apr. 04, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-3188

    The UI daemon in Apache Storm 0.10.0 before 0.10.0-beta1 allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : storm
    • EPSS Score: %12.42
    • Published: Jan. 13, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2004-1266

    Buffer overflow in the get_field_headers function in csv2xml.cpp for csv2xml 0.5.1 allows remote attackers to execute arbitrary code via a crafted CSV file.... Read more

    Affected Products : csv2xml
    • EPSS Score: %3.41
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1279

    Buffer overflow in the get_file_list_stdin function in jpegtoavi 1.5 allows remote attackers to execute arbitrary code via a crafted set of JPEG files and filenames.... Read more

    Affected Products : jpegtoavi
    • EPSS Score: %9.27
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1312

    A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecuri... Read more

    Affected Products : mailessentials mailsecurity
    • EPSS Score: %0.99
    • Published: Jan. 03, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-4847

    Unspecified vulnerability in Spey 0.3.3 has unknown impact and attack vectors related to "A number of security holes which could lead to compromise," a different issue than CVE-2005-4846.... Read more

    Affected Products : spey
    • EPSS Score: %0.34
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2016-10467

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 820, and SD 820A, function ce_pkcs1_pss_p... Read more

    • EPSS Score: %0.22
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-10484

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400... Read more

    • EPSS Score: %0.23
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-14918

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the GPS location wireless interface, a Use After Free condition can occur.... Read more

    Affected Products : android
    • EPSS Score: %0.12
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2018-20377

    Orange Livebox 00.96.320S devices allow remote attackers to discover Wi-Fi credentials via /get_getnetworkconf.cgi on port 8080, leading to full control if the admin password equals the Wi-Fi password or has the default admin value. This is related to Fir... Read more

    • EPSS Score: %38.34
    • Published: Dec. 23, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-1406

    Unspecified vulnerability in the GO Bookmark Widget (com.gau.go.launcherex.gowidget.bookmark) application 1.1 for Android has unknown impact and attack vectors.... Read more

    Affected Products : android go_bookmark_widget
    • EPSS Score: %0.33
    • Published: Mar. 07, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2018-21050

    An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is a Buffer overflow in the esecomm Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12852 (October 2018).... Read more

    Affected Products : android
    • EPSS Score: %0.23
    • Published: Apr. 08, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-1052

    Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation.... Read more

    Affected Products : ida
    • EPSS Score: %0.54
    • Published: Feb. 21, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2017-5538

    The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bound... Read more

    Affected Products : samsung_mobile
    • EPSS Score: %2.76
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-17539

    The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to gain unauthorized read/write access via a remote shell.... Read more

    Affected Products : fortiwlc
    • EPSS Score: %0.42
    • Published: May. 08, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-18001

    Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.... Read more

    Affected Products : secure_web_gateway
    • EPSS Score: %20.85
    • Published: Dec. 31, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2008-5675

    Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack vectors related to "Access problems with BasicAuthTAI."... Read more

    Affected Products : websphere_portal
    • EPSS Score: %0.51
    • Published: Dec. 19, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 292522 Results