Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2014-7844

    BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.... Read more

    • EPSS Score: %0.91
    • Published: Jan. 14, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2014-7303

    SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading etc/dbdump.db.... Read more

    Affected Products : sgi_tempo
    • EPSS Score: %0.05
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2014-7302

    SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to change the permissions of arbitrary files by executing /opt/sgi/sgimc/bin/vx.... Read more

    Affected Products : sgi_tempo
    • EPSS Score: %0.06
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 6.6

    MEDIUM
    CVE-2014-7301

    SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading /etc/odapw.... Read more

    Affected Products : sgi_tempo
    • EPSS Score: %0.12
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2014-7272

    Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the ... Read more

    Affected Products : fedora sddm
    • EPSS Score: %0.15
    • Published: Mar. 08, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2014-7271

    Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm" without authentication.... Read more

    Affected Products : fedora sddm
    • EPSS Score: %0.09
    • Published: Mar. 08, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2014-7257

    SQL injection vulnerability in DBD::PgPP 0.05 and earlier... Read more

    Affected Products : \
    • EPSS Score: %0.31
    • Published: Dec. 11, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2014-7238

    The WordPress plugin Contact Form Integrated With Google Maps 1.0-2.4 has Stored XSS... Read more

    • EPSS Score: %0.26
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2014-7236

    Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary Perl code via the debugenableplugins parameter to do/view/Main/WebHome.... Read more

    Affected Products : twiki
    • EPSS Score: %84.23
    • Published: Feb. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2014-7224

    A Code Execution vulnerability exists in Android prior to 4.4.0 related to the addJavascriptInterface method and the accessibility and accessibilityTraversal objects, which could let a remote malicious user execute arbitrary code.... Read more

    Affected Products : android
    • EPSS Score: %2.20
    • Published: Feb. 07, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2014-7222

    Buffer overflow in TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab with two... Read more

    Affected Products : teamspeak3
    • EPSS Score: %12.10
    • Published: Jan. 08, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2014-7221

    TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (buffer overflow and application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab contain... Read more

    Affected Products : teamspeak3
    • EPSS Score: %10.23
    • Published: Jan. 08, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2014-7198

    OMERO before 5.0.6 has multiple CSRF vulnerabilities because the framework for OMERO's web interface lacks CSRF protection.... Read more

    Affected Products : omero
    • EPSS Score: %0.18
    • Published: Apr. 01, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2014-7175

    FarLinX X25 Gateway through 2014-09-25 allows attackers to write arbitrary data to fsUI.xyz via fsSaveUIPersistence.php.... Read more

    • EPSS Score: %0.43
    • Published: Jun. 01, 2020
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2014-7174

    FarLinX X25 Gateway through 2014-09-25 allows directory traversal via the log-handling feature.... Read more

    • EPSS Score: %0.15
    • Published: Jun. 01, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2014-7173

    FarLinX X25 Gateway through 2014-09-25 allows command injection via shell metacharacters to sysSaveMonitorData.php, fsx25MonProxy.php, syseditdate.php, iframeupload.php, or sysRestoreX25Cplt.php.... Read more

    • EPSS Score: %13.08
    • Published: Jun. 01, 2020
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2014-6633

    The safe_eval function in trytond in Tryton before 2.4.15, 2.6.x before 2.6.14, 2.8.x before 2.8.11, 3.0.x before 3.0.7, and 3.2.x before 3.2.3 allows remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the collection.... Read more

    Affected Products : trytond tryton
    • EPSS Score: %1.09
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-6617

    Softing FG-100 PB PROFIBUS firmware version FG-x00-PB_V2.02.0.00 contains a hardcoded password for the root account, which allows remote attackers to obtain administrative access via a TELNET session.... Read more

    • EPSS Score: %17.02
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2014-6604

    Cross-site scripting (XSS) vulnerability in class-s2-list-table.php in the Subscribe2 plugin before 10.16 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ip parameter.... Read more

    Affected Products : subscribe2
    • EPSS Score: %0.18
    • Published: Mar. 29, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2014-6448

    Juniper Junos OS 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before 13.3R3 allow local users to bypass intended restrictions and execute arbitrary Python code via vectors involving shell access.... Read more

    Affected Products : junos junos
    • EPSS Score: %0.04
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 292727 Results