Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2015-0869

    I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause a denial of service (SSDP reflection) via UPnP requests.... Read more

    Affected Products : np-bbrm
    • EPSS Score: %0.40
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-0868

    Unrestricted file upload vulnerability in Mrs. Shiromuku Perl CGI shiromuku(bu2)BBS before 2.91 allows remote attackers to execute arbitrary code by uploading an executable file.... Read more

    Affected Products : bu2_bbs
    • EPSS Score: %1.70
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-9200

    Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP C... Read more

    Affected Products : somachine unity_pro somove somove_lite
    • EPSS Score: %1.47
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2014-8630

    Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering crafted input to a two-arg... Read more

    Affected Products : fedora bugzilla
    • EPSS Score: %0.62
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2014-7270

    Cross-site request forgery (CSRF) vulnerability on ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U ro... Read more

    • EPSS Score: %0.13
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2014-7269

    ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, a... Read more

    • EPSS Score: %0.55
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2014-7266

    Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service (CPU consumption) via vectors that trigger colliding hash-table keys. NOTE: this vulnerability ... Read more

    Affected Products : remote_service_manager
    • EPSS Score: %0.55
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-0926

    Labtech before 100.237 on Linux uses world-writable permissions for root-executed scripts, which allows local users to gain privileges by modifying a script file.... Read more

    Affected Products : labtech
    • EPSS Score: %0.03
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-0870

    Cross-site scripting (XSS) vulnerability in hb.cgi in Nishishi Factory Fumy News Clipper 2.x before 2.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : fumy_news_clipper
    • EPSS Score: %0.31
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 6.4

    MEDIUM
    CVE-2014-8268

    QPR Portal before 2012.2.1 allows remote attackers to modify or delete notes via a direct request.... Read more

    Affected Products : portal
    • EPSS Score: %0.71
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2014-8267

    Cross-site scripting (XSS) vulnerability in QPR Portal 2014.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the RID parameter.... Read more

    Affected Products : portal
    • EPSS Score: %0.55
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2014-8266

    Multiple cross-site scripting (XSS) vulnerabilities in the note-creation page in QPR Portal 2014.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) body field.... Read more

    Affected Products : portal
    • EPSS Score: %0.55
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2014-7288

    Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action.... Read more

    • EPSS Score: %10.36
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-7287

    The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a crafted key UID value in an inbound e-mail message, as ... Read more

    • EPSS Score: %0.51
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2014-4632

    VMware vSphere Data Protection (VDP) 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 and the proxy client in EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x do not properly verify X.509 certificates from vCenter Server SSL servers, ... Read more

    Affected Products : vsphere_data_protection
    • EPSS Score: %0.14
    • Published: Feb. 01, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-9161

    CoolType.dll in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows, and 10.x through 10.1.13 and 11.x through 11.0.10 on OS X, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecif... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • EPSS Score: %1.41
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2014-8840

    The iTunes Store component in Apple iOS before 8.1.3 allows remote attackers to bypass a Safari sandbox protection mechanism by leveraging redirection of an SSL URL to the iTunes Store.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.33
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-8839

    Spotlight in Apple OS X before 10.10.2 does not enforce the Mail "Load remote content in messages" configuration, which allows remote attackers to discover recipient IP addresses by including an inline image in an HTML e-mail message and logging HTTP requ... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.48
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2014-8838

    The Security component in Apple OS X before 10.10.2 does not properly process cached information about app certificates, which allows attackers to bypass the Gatekeeper protection mechanism by leveraging access to a revoked Developer ID certificate for si... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.16
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-8837

    Multiple unspecified vulnerabilities in the Bluetooth driver in Apple OS X before 10.10.2 allow attackers to execute arbitrary code in a privileged context via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %1.68
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291002 Results