Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2018-0640

    Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via netWizard.cgi date parameter, time parameter, and offset parameter.... Read more

    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-0639

    Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via tools_firmware.cgi date parameter, time parameter, and offset parameter.... Read more

    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-0638

    Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via import.cgi encKey parameter.... Read more

    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-0637

    Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via export.cgi encKey parameter.... Read more

    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-0636

    Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter of a certain URL, different URL from CVE-2018-0634.... Read more

    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-0635

    Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via filename parameter.... Read more

    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-0634

    Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter or bootmode parameter of a certain URL.... Read more

    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2018-0633

    Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary code via submit-url parameter.... Read more

    Affected Products : aterm_w300p_firmware aterm_w300p
    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2018-0632

    Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary code via HTTP request and response.... Read more

    Affected Products : aterm_w300p_firmware aterm_w300p
    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-0631

    Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter.... Read more

    Affected Products : aterm_w300p_firmware aterm_w300p
    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-0630

    Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd parameter.... Read more

    Affected Products : aterm_w300p_firmware aterm_w300p
    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-0629

    Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response.... Read more

    Affected Products : aterm_w300p_firmware aterm_w300p
    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-0628

    Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response.... Read more

    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-0627

    Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter.... Read more

    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-0626

    Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd in formWsc parameter.... Read more

    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-0625

    Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via formSysCmd parameter.... Read more

    • Published: Jan. 09, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-0624

    Untrusted search path vulnerability in Multiple Yayoi 17 Series products (Yayoi Kaikei 17 Series Ver.23.1.1 and earlier, Yayoi Aoiro Shinkoku 17 Ver.23.1.1 and earlier, Yayoi Kyuuyo 17 Ver.20.1.4 and earlier, Yayoi Kyuuyo Keisan 17 Ver.20.1.4 and earlier,... Read more

    • Published: Sep. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-0623

    Untrusted search path vulnerability in Multiple Yayoi 17 Series products (Yayoi Kaikei 17 Series Ver.23.1.1 and earlier, Yayoi Aoiro Shinkoku 17 Ver.23.1.1 and earlier, Yayoi Kyuuyo 17 Ver.20.1.4 and earlier, Yayoi Kyuuyo Keisan 17 Ver.20.1.4 and earlier,... Read more

    • Published: Sep. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2018-0622

    The DHC Online Shop App for Android version 3.2.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : dhc_online_shop
    • Published: Jul. 26, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-0621

    Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY SOFTWARE versions before 2.30.9 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : connection_utility_software
    • Published: Jul. 26, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293592 Results