Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2016-0207

    IBM Algorithmics One-Algo Risk Application (ARA) 4.9.1 through 5.1.0 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors. IBM X-Force ID: 109399.... Read more

    Affected Products : algo_risk_application
    • EPSS Score: %0.12
    • Published: Jan. 16, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-31705

    A Reflected Cross-site scripting (XSS) vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious javascript into the page parameter.... Read more

    Affected Products : task_reminder_system
    • EPSS Score: %0.19
    • Published: Jul. 13, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-3683

    A vulnerability has been found in LivelyWorks Articart 2.0.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /items/search. The manipulation of the argument search_term leads to cross site scripting. T... Read more

    Affected Products : articart
    • EPSS Score: %0.06
    • Published: Jul. 16, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-2143

    The Enable SVG, WebP & ICO Upload WordPress plugin through 1.0.3 does not sanitize SVG file contents, leading to a Cross-Site Scripting vulnerability.... Read more

    Affected Products : enable_svg\,_webp_\&_ico_upload
    • EPSS Score: %0.17
    • Published: Jul. 17, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2018-2681

    Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products (subcomponent: Security). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network ac... Read more

    • EPSS Score: %0.30
    • Published: Jan. 18, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-36656

    Cross Site Scripting (XSS) vulnerability in Jaegertracing Jaeger UI before v.1.31.0 allows a remote attacker to execute arbitrary code via the KeyValuesTable component.... Read more

    Affected Products : jaeger_ui
    • EPSS Score: %0.47
    • Published: Jul. 17, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-3586

    Mattermost fails to disable public Boards after the "Enable Publicly-Shared Boards" configuration option is disabled, resulting in previously-shared public Boards to remain accessible. ... Read more

    Affected Products : mattermost_server mattermost
    • EPSS Score: %0.16
    • Published: Jul. 17, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-3403

    The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pm_upload_csv' function in versions up to, and including, 5.5.1. This makes it possible for authenticated attackers, with sub... Read more

    Affected Products : profilegrid
    • EPSS Score: %0.06
    • Published: Jul. 18, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-22039

    Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: WebClient). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Orac... Read more

    • EPSS Score: %0.22
    • Published: Jul. 18, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-3787

    A vulnerability classified as problematic was found in Codecanyon Tiva Events Calender 1.4. This vulnerability affects unknown code. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has... Read more

    Affected Products : tiva_events_calendar
    • EPSS Score: %0.07
    • Published: Jul. 20, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-28865

    An issue was discovered in Nokia NetAct 22 through the Site Configuration Tool website section. A malicious user can change a filename of an uploaded file to include JavaScript code, which is then stored and executed by a victim's web browser. The most co... Read more

    Affected Products : netact
    • EPSS Score: %0.07
    • Published: Jul. 24, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-23568

    Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Personal Data Fields. This issue affects Command Centre: vEL 8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2), ... Read more

    Affected Products : command_centre
    • EPSS Score: %0.07
    • Published: Jul. 25, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-35929

    Tuleap is a free and open source suite to improve management of software development and collaboration. Prior to version 14.10.99.4 of Tuleap Community Edition and prior to versions 14.10-2 and 14.9-5 of Tuleap Enterprise Edition, content displayed in the... Read more

    Affected Products : tuleap
    • EPSS Score: %0.42
    • Published: Jul. 25, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2018-6190

    Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page.... Read more

    Affected Products : wf2419_firmware wf2419
    • EPSS Score: %0.19
    • Published: Jan. 24, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-31466

    An XSS issue was discovered in FSMLabs TimeKeeper 8.0.17. On the "Configuration -> Compliance -> Add a new compliance report" and "Configuration -> Timekeeper Configuration -> Add a new source there" screens, there are entry points to inject JavaScript co... Read more

    Affected Products : timekeeper
    • EPSS Score: %0.09
    • Published: Jul. 26, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-1000386

    Jenkins Active Choices plugin version 1.5.3 and earlier allowed users with Job/Configure permission to provide arbitrary HTML to be shown on the 'Build With Parameters' page through the 'Active Choices Reactive Reference Parameter' type. This could includ... Read more

    Affected Products : active_choices
    • EPSS Score: %0.04
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-3969

    A vulnerability, which was classified as problematic, has been found in GZ Scripts Availability Booking Calendar PHP 1.0. Affected by this issue is some unknown functionality of the file index.php of the component HTTP POST Request Handler. The manipulati... Read more

    Affected Products : availability_booking_calendar_php
    • EPSS Score: %0.07
    • Published: Jul. 27, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2023-3980

    Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2.... Read more

    Affected Products : omeka omeka_s
    • EPSS Score: %0.07
    • Published: Jul. 27, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-1516

    IBM Doors Web Access 9.5 and 9.6 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and p... Read more

    • EPSS Score: %0.25
    • Published: Jan. 26, 2018
    • Modified: Feb. 05, 2025

  • 5.4

    MEDIUM
    CVE-2017-1532

    IBM DOORS 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ... Read more

    • EPSS Score: %0.32
    • Published: Jan. 26, 2018
    • Modified: Feb. 05, 2025
Showing 20 of 290943 Results