Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2008-6499

    security/xamppsecurity.php in XAMPP 1.6.8 performs an extract operation on the SERVER superglobal array, which allows remote attackers to spoof critical variables, as demonstrated by setting the REMOTE_ADDR variable to 127.0.0.1.... Read more

    Affected Products : xampp
    • Published: Mar. 20, 2009
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2008-6659

    Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 before 1.0.15 and 1.1 before 1.1.7 allows remote authenticated users to configure arbitrary local files for execution via directory traversal sequences in the value of the t... Read more

    Affected Products : simple_machines_forum
    • Published: Apr. 07, 2009
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2009-1001

    Unspecified vulnerability in Oracle BEA WebLogic Portal 8.1 Gold through SP6 allows remote authenticated users to gain privileges via unknown vectors.... Read more

    Affected Products : bea_product_suite
    • Published: Apr. 15, 2009
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2009-1466

    Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) the port keyword in cleartext in aas.ini, which allows local users to obtain sensitive information by reading this file.... Read more

    Affected Products : application_access_server
    • Published: May. 14, 2009
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2010-3530

    Unspecified vulnerability in the PeopleSoft Enterprise HCM - HR component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle #13 and 9.1 Bundle #3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.... Read more

    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2010-3537

    Unspecified vulnerability in the PeopleSoft Enterprise FMS - AM component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 allows remote authenticated users to affect confidentiality and integrity via unknown vect... Read more

    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2010-4419

    Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle #31 and 9.1 Bundle #6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Order C... Read more

    • Published: Jan. 19, 2011
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2011-0850

    Unspecified vulnerability in Oracle PeopleSoft Enterprise CRM 8.9 Bundle #41 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Order Capture.... Read more

    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2011-0860

    Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Update 2011-B and 9.1 Update 2011-B allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Global Payroll - Spain.... Read more

    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2011-1950

    plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of arbitrary accounts via unspecified vectors, as exploited in the wild in June 2011.... Read more

    Affected Products : plone
    • Published: Jun. 06, 2011
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2011-2277

    Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9.0 Bundle #36 and 9.1 Bundle #13 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Purchasing.... Read more

    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2022-36797

    Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.1 may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products : ixgben
    • Published: Feb. 16, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2011-3568

    Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Web Services Secur... Read more

    Affected Products : fusion_middleware
    • Published: Jan. 18, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2012-0517

    Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to eCompensation Manager Desktop.... Read more

    Affected Products : peoplesoft_products
    • Published: May. 03, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2012-2366

    mod/data/preset.php in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 does not properly iterate through an array, which allows remote authenticated users to overwrite arbitrary database activity presets via unspecified vectors.... Read more

    Affected Products : moodle
    • Published: Jul. 21, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2012-2358

    Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to bypass an activity's read-only state and modify the database by leveraging the student role and editing database activity entries that already exist... Read more

    Affected Products : moodle
    • Published: Jul. 21, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2012-3140

    Unspecified vulnerability in the Oracle Agile PLM For Process component in Oracle Supply Chain Products Suite 6.0.0.6.3 and 6.1.0.1.14 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Supply Chain Re... Read more

    Affected Products : supply_chain_products_suite
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2022-44081

    Lodepng v20220717 was discovered to contain a segmentation fault via the function pngdetail.... Read more

    Affected Products : lodepng
    • Published: Oct. 31, 2022
    • Modified: May. 06, 2025

  • 5.5

    MEDIUM
    CVE-2013-6373

    The Exclusion plugin before 0.9 for Jenkins does not properly prevent access to resource locks, which allows remote authenticated users to list and release resources via unspecified vectors.... Read more

    Affected Products : exclusion
    • Published: Nov. 25, 2013
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2013-7196

    static/ajax.php in PHPFox 3.7.3, 3.7.4, and 3.7.5 allows remote authenticated users to bypass intended "Only Me" restrictions and comment on a private publication via a request with a modified val[item_id] parameter for the publication.... Read more

    Affected Products : phpfox
    • Published: Apr. 18, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 294701 Results