Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2019-10364

    Jenkins Amazon EC2 Plugin 1.43 and earlier wrote the beginning of private keys to the Jenkins system log.... Read more

    Affected Products : amazon_ec2 ec2
    • EPSS Score: %0.03
    • Published: Jul. 31, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-10424

    Jenkins elOyente Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.... Read more

    Affected Products : eloyente
    • EPSS Score: %0.03
    • Published: Sep. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-10367

    Due to an incomplete fix of CVE-2019-10343, Jenkins Configuration as Code Plugin 1.26 and earlier did not properly apply masking to some values expected to be hidden when logging the configuration being applied.... Read more

    Affected Products : configuration_as_code
    • EPSS Score: %0.03
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-23534

    The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5. Processing a maliciously crafted image may result in disclosure of process memory.... Read more

    Affected Products : macos
    • EPSS Score: %0.05
    • Published: May. 08, 2023
    • Modified: Jan. 29, 2025

  • 5.5

    MEDIUM
    CVE-2013-0375

    Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.... Read more

    • EPSS Score: %0.35
    • Published: Jan. 17, 2013
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2019-10024

    An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters.... Read more

    Affected Products : xpdf
    • EPSS Score: %0.16
    • Published: Mar. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-10108

    An Incorrect Access Control (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. It allowed non-members of a private project/group to add and read labels.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.16
    • Published: May. 15, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-1020014

    docker-credential-helpers before 0.6.3 has a double free in the List functions.... Read more

    Affected Products : ubuntu_linux fedora credential_helpers
    • EPSS Score: %0.24
    • Published: Jul. 29, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-10019

    An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes.... Read more

    Affected Products : xpdf
    • EPSS Score: %0.18
    • Published: Mar. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-1010302

    jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 show_IPTC(). The attack vector is: the victim must open a specially crafted JPEG file.... Read more

    Affected Products : fedora debian_linux jhead
    • EPSS Score: %0.09
    • Published: Jul. 15, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-5482

    The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-201... Read more

    • EPSS Score: %1.40
    • Published: Nov. 11, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2019-1010305

    libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmspack(file libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially crafted chm file... Read more

    • EPSS Score: %0.46
    • Published: Jul. 15, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-4573

    The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482.... Read more

    • EPSS Score: %0.99
    • Published: Nov. 11, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2019-1010250

    The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator (or attacker) can install unintended flow rules in the switch by mistake. The component is: createFlow() and createFlows() functions ... Read more

    Affected Products : open_network_operating_system
    • EPSS Score: %0.19
    • Published: Jul. 18, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-1010315

    WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig (dsdiff.c:282). The attack vector is: ... Read more

    Affected Products : ubuntu_linux fedora debian_linux wavpack
    • EPSS Score: %0.62
    • Published: Jul. 11, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-4408

    course/reset.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 checks an update capability instead of a reset capability, which allows remote authenticated users to bypass intended access restrictions via a reset operation.... Read more

    Affected Products : moodle
    • EPSS Score: %0.17
    • Published: Sep. 19, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2023-23456

    A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file.... Read more

    Affected Products : fedora upx upx
    • EPSS Score: %0.01
    • Published: Jan. 12, 2023
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2012-3360

    Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. (dot dot)... Read more

    Affected Products : nova folsom essex
    • EPSS Score: %2.56
    • Published: Jul. 22, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2023-23409

    Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability... Read more

    • EPSS Score: %1.02
    • Published: Mar. 14, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-2402

    wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors.... Read more

    Affected Products : wordpress
    • EPSS Score: %1.00
    • Published: Apr. 21, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 292318 Results