Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

8.8

HIGH

CVE-2018-10614

An XXE vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processes specially crafted project XML files....

Affected Products : levistudiou
Published: Oct. 09, 2018

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2018-10613

Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior....

Affected Products : mds_pulsenet
Published: Jun. 04, 2018

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2018-10612

In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, includi...

Affected Products : hmi_sl control_for_beaglebone_sl control_for_empc-a\/imx6_sl control_for_iot2000_sl control_for_linux_sl control_for_pfc100_sl control_for_pfc200_sl control_for_raspberry_pi_sl control_rte_sl control_win_sl +8 more products
Published: Jan. 29, 2019

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2018-10611

Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and support remote code execution through web services....

Affected Products : mds_pulsenet
Published: Jun. 04, 2018

Modified: Nov. 21, 2024
8.8

HIGH

CVE-2018-10610

An out-of-bounds vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processes specially crafted project files....

Affected Products : levistudiou
Published: Oct. 09, 2018

Modified: Nov. 21, 2024
6.1

MEDIUM

CVE-2018-10609

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow improper sanitization of data over a Websocket which may allow cross-site scripting and client-side code execution with target user privileges....

Affected Products : telem-gwm_firmware telem-gw6_firmware telem-gwm telem-gw6
Published: Jul. 31, 2018

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2018-10608

SEL AcSELerator Architect version 2.2.24.0 and prior can be exploited when the AcSELerator Architect FTP client connects to a malicious FTP server, which may cause denial of service via 100% CPU utilization. Restart of the application is required....

Affected Products : acselerator_architect
Published: Jul. 24, 2018

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2018-10607

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control chan...

Affected Products : telem-gwm_firmware telem-gw6_firmware telem-gwm telem-gw6
Published: Jul. 31, 2018

Modified: Nov. 21, 2024
9.3

HIGH

CVE-2018-10606

WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple heap-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files....

Affected Products : levistudiou
Published: Sep. 26, 2018

Modified: Nov. 21, 2024
9.0

HIGH

CVE-2018-10605

Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify/upload a new system configuration or take the full control over the RTU using default credentials to connect to the RTU....

Affected Products : telem-gwm_firmware telem-gw6_firmware telem-gwm telem-gw6
Published: Oct. 01, 2018

Modified: Nov. 21, 2024
8.8

HIGH

CVE-2018-10604

SEL Compass version 3.0.5.1 and prior allows all users full access to the SEL Compass directory, which may allow modification or overwriting of files within the Compass installation folder, resulting in escalation of privilege and/or malicious code execut...

Affected Products : sel_compass
Published: Jul. 24, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2018-10603

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process....

Affected Products : telem-gwm_firmware telem-gw6_firmware telem-gwm telem-gw6
Published: Jul. 31, 2018

Modified: Nov. 21, 2024
9.3

HIGH

CVE-2018-10602

WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files....

Affected Products : levistudiou
Published: Sep. 26, 2018

Modified: Nov. 21, 2024
8.2

HIGH

CVE-2018-10601

IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revision...

Affected Products : intellivue_mp2_firmware intellivue_x2_firmware intellivue_mp30_firmware intellivue_mp50_firmware intellivue_mp70_firmware intellivue_np90_firmware intellivue_mx700_firmware intellivue_mx800_firmware intellivue_mx400_firmware intellivue_mx450_firmware +26 more products
Published: Jun. 05, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2018-10600

SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitized input to be passed to the XML parser, which may allow disclosure and retrieval of arbitrary data, arbitrary code execution (in certain situations on specific platforms), and denial of...

Affected Products : acselerator_architect
Published: Jul. 24, 2018

Modified: Nov. 21, 2024
5.3

MEDIUM

CVE-2018-10599

IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revision...

Affected Products : intellivue_mp2_firmware intellivue_x2_firmware intellivue_mp30_firmware intellivue_mp50_firmware intellivue_mp70_firmware intellivue_np90_firmware intellivue_mx700_firmware intellivue_mx800_firmware intellivue_mx400_firmware intellivue_mx450_firmware +26 more products
Published: Jun. 05, 2018

Modified: Nov. 21, 2024
8.1

HIGH

CVE-2018-10598

CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has two out-of-bounds read vulnerabilities could cause the software to crash due to lacking user input validation for processing project files. Which may allow an attacker to gain remote ...

Affected Products : cncsoft screeneditor
Published: Aug. 13, 2018

Modified: Nov. 21, 2024
8.3

HIGH

CVE-2018-10597

IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revision...

Affected Products : intellivue_mp2_firmware intellivue_x2_firmware intellivue_mp30_firmware intellivue_mp50_firmware intellivue_mp70_firmware intellivue_np90_firmware intellivue_mx700_firmware intellivue_mx800_firmware intellivue_mx400_firmware intellivue_mx450_firmware +26 more products
Published: Jun. 05, 2018

Modified: Nov. 21, 2024
6.3

MEDIUM

CVE-2018-10595

A vulnerability in ReadA version 1.1.0.2 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, Kiestra WCA, and InoqulA+ specimen processor) to issue SQL commands, which may result in loss or corru...

Affected Products : database_manager performa reada inoqula\+ kiestra_tla kiestra_wca
Published: May. 24, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2018-10594

Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be r...

Affected Products : commgr dvpsimulator_ahsim_5x0 dvpsimulator_ahsim_5x1 dvpsimulator_eh2 dvpsimulator_es2 dvpsimulator_h3 dvpsimulator_se dvpsimulator_ss2
Published: Jun. 26, 2018

Modified: Nov. 21, 2024

Showing 20 of 293645 Results

Browse by Apps

Latest CVE Feed

8.8

7.5

10.0

9.8

8.8

6.1

7.8

7.5

9.3

9.0

8.8

9.8

9.3

8.2

9.8

5.3

8.1

8.3

6.3

9.8

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable