Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.0

    HIGH
    CVE-2024-52020

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at wiz_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 8.0

    HIGH
    CVE-2024-52019

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at genie_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    Affected Products : r8500_firmware r8500
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51012

    Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_pri_dns parameter at ipv6_fix.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r8500_firmware r8500
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 8.0

    HIGH
    CVE-2024-51009

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at ether.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    Affected Products : r8500_firmware r8500
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 8.0

    HIGH
    CVE-2024-51005

    Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the share_name parameter at usb_remote_smb_conf.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    Affected Products : r8500_firmware r8500
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51013

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the RADIUSAddr%d_wla parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51015

    Netgear R7000P v1.3.3.154 was discovered to contain a command injection vulnerability via the device_name2 parameter at operation_mode.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51017

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the l2tp_user_netmask parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51018

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51019

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pppoe_localnetmask parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-51020

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the apn parameter at usbISP_detail_edit.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-52028

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-52029

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 5.7

    MEDIUM
    CVE-2024-52030

    Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at ru_wan_flow.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products : r7000p_firmware r7000p
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 7.5

    HIGH
    CVE-2017-9844

    SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804. NOTE: The vendor states that the ... Read more

    Affected Products : netweaver
    • EPSS Score: %5.73
    • Published: Jul. 12, 2017
    • Modified: May. 02, 2025

  • 8.8

    HIGH
    CVE-2022-37912

    Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. ... Read more

    Affected Products : arubaos sd-wan
    • EPSS Score: %0.38
    • Published: Dec. 12, 2022
    • Modified: May. 02, 2025

  • 8.8

    HIGH
    CVE-2022-37903

    A vulnerability exists that allows an authenticated attacker to overwrite an arbitrary file with attacker-controlled content via the web interface. Successful exploitation of this vulnerability could lead to full compromise the underlying host operating s... Read more

    Affected Products : arubaos sd-wan 7005 7008 7010 7024 7030 7205 7210 7220 +2 more products
    • EPSS Score: %0.28
    • Published: Dec. 12, 2022
    • Modified: May. 02, 2025

  • 6.5

    MEDIUM
    CVE-2023-6683

    A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the chance to initialize the clipboard peer, leading to a N... Read more

    Affected Products : enterprise_linux qemu
    • EPSS Score: %0.08
    • Published: Jan. 12, 2024
    • Modified: May. 02, 2025

  • 7.2

    HIGH
    CVE-2023-44221

    Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulner... Read more

    • Actively Exploited
    • EPSS Score: %28.52
    • Published: Dec. 05, 2023
    • Modified: May. 02, 2025

  • 7.2

    HIGH
    CVE-2022-37902

    Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. ... Read more

    Affected Products : arubaos sd-wan 7005 7008 7010 7024 7030 7205 7210 7220 +2 more products
    • EPSS Score: %0.43
    • Published: Dec. 12, 2022
    • Modified: May. 02, 2025
Showing 20 of 291219 Results