Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2007-1515

    Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP H3 4.1.3, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via (1) the email Subject header in thread.php, (2) the edit_query parameter in search.php, or o... Read more

    Affected Products : imp internet_mail_program
    • Published: Mar. 20, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2023-49877

    IBM System Storage Virtualization Engine TS7700 3957-VEC, 3948-VED and 3957-VEC could allow a remote authenticated user to obtain sensitive information, caused by improper filtering of URLs. By submitting a specially crafted HTTP GET request, an attacker ... Read more

    • Published: Dec. 13, 2023
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2007-2721

    The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally d... Read more

    Affected Products : jasper_jpeg-2000
    • Published: May. 16, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-3226

    Cross-site scripting (XSS) vulnerability in dotProject before 2.1 RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2006-2851 and CVE-2006-3240.... Read more

    Affected Products : dotproject
    • Published: Jun. 14, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-4479

    Cross-site scripting (XSS) vulnerability in search.html in Search Engine Builder allows remote attackers to inject arbitrary web script or HTML via the searWords parameter.... Read more

    • Published: Aug. 22, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-2913

    Cross-site scripting (XSS) vulnerability in index.php in ClonusWiki .5 allows remote attackers to inject arbitrary web script or HTML via the query parameter.... Read more

    Affected Products : clonuswiki
    • Published: May. 30, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-2391

    Cross-site scripting (XSS) vulnerability in Apple Safari Beta 3.0.1 for Windows allows remote attackers to inject arbitrary web script or HTML via a web page that includes a windows.setTimeout function that is activated after the user has moved from the c... Read more

    Affected Products : safari
    • Published: Jun. 14, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-2061

    Cross-site scripting (XSS) vulnerability in check_login.asp in AfterLogic MailBee WebMail Pro 3.4 allows remote attackers to inject arbitrary web script or HTML via the username parameter.... Read more

    Affected Products : mailbee_webmail
    • Published: Apr. 18, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-4487

    Cross-site scripting (XSS) vulnerability in D22-Shoutbox for Invision Power Board (IPB or IP.Board) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : d22-shoutbox
    • Published: Aug. 22, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-4512

    Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a virus signature and has a crafted file... Read more

    Affected Products : anti-virus
    • Published: Sep. 10, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2025-9629

    The USS Upyun plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.0. This is due to missing or incorrect nonce validation on the uss_setting_page function when processing the uss_set form type. This m... Read more

    Affected Products :
    • Published: Sep. 17, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 4.3

    MEDIUM
    CVE-2007-2400

    Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site scri... Read more

    • Published: Jun. 25, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-2071

    Multiple cross-site scripting (XSS) vulnerabilities in Open-gorotto 2.0a 2006/02/08 edition, 2006/03/19 edition, and 2006/04/07 edition before 20070416 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) pub/mod... Read more

    Affected Products : open-gorotto
    • Published: Apr. 18, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-3212

    Multiple cross-site scripting (XSS) vulnerabilities in links.php in Beehive Forum 0.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) viewmode, (2) fid, and (3) sort_dir parameters, different vectors than CVE-2005-4460.... Read more

    Affected Products : beehive_forum
    • Published: Jun. 14, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-3406

    Multiple absolute path traversal vulnerabilities in Microsoft Internet Explorer 6 on Windows XP SP2 allow remote attackers to access arbitrary local files via the file: URI in the (1) src attribute of a (a) bgsound, (b) input, (c) EMBED, (d) img, or (e) s... Read more

    Affected Products : internet_explorer windows_xp
    • Published: Jun. 26, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-3070

    Cross-site scripting (XSS) vulnerability in index.php in BDigital Web Solutions WebStudio allows remote attackers to inject arbitrary web script or HTML via the pageid parameter.... Read more

    Affected Products : webstudio_cms
    • Published: Jun. 06, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-1519

    Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke 8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search operation in the Downloads module, a different product than CVE-2006-394... Read more

    Affected Products : php-nuke
    • Published: Mar. 20, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-2801

    Multiple cross-site scripting (XSS) vulnerabilities in open.php in eTicket 1.5.5 and 1.5.5.1, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) err and (2) warn parameters. NOTE: the vendor disput... Read more

    Affected Products : eticket
    • Published: Jun. 30, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2023-32979

    Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home director... Read more

    Affected Products : email_extension
    • Published: May. 16, 2023
    • Modified: Jan. 23, 2025

  • 4.3

    MEDIUM
    CVE-2007-2235

    Multiple cross-site scripting (XSS) vulnerabilities in PunBB 1.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Referer HTTP header to misc.php or the (2) category name when deleting a category in admin_categories... Read more

    Affected Products : punbb
    • Published: Apr. 25, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 294837 Results