Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2018-0563

    Untrusted search path vulnerability in the installer of FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.13.0 and earlier versions and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.13.0 and earlier versions allows an attacker to gain privile... Read more

    • Published: Jun. 26, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0562

    Untrusted search path vulnerability in Installer of SoundEngine Free ver.5.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : soundengine
    • Published: Apr. 16, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0561

    Untrusted search path vulnerability in The installer of PhishWall Client Internet Explorer edition Ver. 3.7.15 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : phishwall
    • Published: Apr. 16, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2018-0560

    Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display.... Read more

    Affected Products : hatena_bookmark
    • Published: Apr. 16, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2018-0559

    Cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'Address' via unspecified vectors.... Read more

    Affected Products : mailwise
    • Published: Jun. 26, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2018-0558

    Reflected cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML in 'System settings' via unspecified vectors.... Read more

    Affected Products : mailwise
    • Published: Jun. 26, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2018-0557

    Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'E-mail Details Screen' via unspecified vectors.... Read more

    Affected Products : mailwise
    • Published: Jun. 26, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-0556

    Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.... Read more

    Affected Products : wzr-1750dhp2_firmware wzr-1750dhp2
    • Published: Apr. 09, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0555

    Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via a specially crafted file.... Read more

    Affected Products : wzr-1750dhp2_firmware wzr-1750dhp2
    • Published: Apr. 09, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-0554

    Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.... Read more

    Affected Products : wzr-1750dhp2_firmware wzr-1750dhp2
    • Published: Apr. 09, 2018
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2018-0553

    The iRemoconWiFi App for Android version 4.1.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : iremocon_wifi
    • Published: Apr. 09, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-0552

    Untrusted search path vulnerability in The installer of PhishWall Client Firefox and Chrome edition for Windows Ver. 5.1.26 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : phishwall_client
    • Published: Mar. 22, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2018-0551

    Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : garoon
    • Published: Apr. 16, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2018-0550

    Cybozu Garoon 3.5.0 to 4.6.1 allows remote authenticated attackers to bypass access restriction to view the closed title of "Cabinet" via unspecified vectors.... Read more

    Affected Products : garoon
    • Published: Apr. 16, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2018-0549

    Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : garoon
    • Published: Apr. 16, 2018
    • Modified: Nov. 21, 2024

  • 5.0

    MEDIUM
    CVE-2018-0548

    Cybozu Garoon 4.0.0 to 4.6.0 allows remote authenticated attackers to bypass access restriction to view the closed title of "Space" via unspecified vectors.... Read more

    Affected Products : garoon
    • Published: Apr. 16, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2018-0547

    Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.7 for WordPress allows an attacker to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : wp_all_import
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2018-0546

    Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.6 for WordPress allows an attacker to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : wp_all_import
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-0545

    LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors.... Read more

    Affected Products : lxr
    • Published: Apr. 09, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0544

    Untrusted search path vulnerability in WinShot 1.53a and earlier (Installer) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : winshot
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293577 Results