Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2009-4972

    Cross-site scripting (XSS) vulnerability in index.php (aka the log in page) in SimpleID before 0.6.5 allows remote attackers to inject arbitrary web script or HTML via the s parameter.... Read more

    Affected Products : simpleid
    • Published: Jul. 28, 2010
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2009-4980

    Multiple cross-site scripting (XSS) vulnerabilities in Photokorn Gallery 1.81 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) where[] parameter to search.php and (2) qc parameter to admin.php.... Read more

    Affected Products : photokorn_gallery
    • Published: Aug. 25, 2010
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2009-2149

    Multiple cross-site scripting (XSS) vulnerabilities in Campus Virtual-LMS allow remote attackers to inject arbitrary web script or HTML via the (1) courseid parameter to enrolments/step1.php, or the (2) search or (3) siteid parameter to files/shared_list.... Read more

    Affected Products : campus_virtual-lms
    • Published: Jun. 22, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-2119

    Cross-site scripting (XSS) vulnerability in the login interface (my.logon.php3) in F5 FirePass SSL VPN 5.5 through 5.5.2 and 6.0 through 6.0.3 allows remote attackers to inject arbitrary web script or HTML via a base64-encoded xcho parameter.... Read more

    Affected Products : firepass_ssl_vpn
    • Published: Jun. 18, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-2217

    Cross-site scripting (XSS) vulnerability in NBBC before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via an invalid URL in a BBCode img tag.... Read more

    Affected Products : nbbc
    • Published: Jun. 25, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-2141

    Multiple cross-site scripting (XSS) vulnerabilities in TBDev.NET 01-01-08 allow remote attackers to inject arbitrary web script or HTML via (1) the returnto parameter to makepoll.php, (2) the returnto parameter in a delete action to polls.php, or the (3) ... Read more

    Affected Products : tbdev.net
    • Published: Jun. 22, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-1790

    Cross-site scripting (XSS) vulnerability in CGI RESCUE Trees before 2.11 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.... Read more

    Affected Products : rescue
    • Published: May. 26, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4975

    Cross-site scripting (XSS) vulnerability in webview.cpp in QtDemoBrowser allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related to a "universal XSS" issue, a similar vulnerability to CVE... Read more

    Affected Products : qtdemobrowser
    • Published: Aug. 02, 2010
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2009-2138

    Multiple open redirect vulnerabilities in TBDev.NET 01-01-08 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the returnto parameter to login.php or (2) the returnto parameter in a delete action to news.... Read more

    Affected Products : tbdev.net
    • Published: Jun. 19, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2010-4616

    Cross-site scripting (XSS) vulnerability in modules/content/admin/content.php in ImpressCMS 1.2.3 Final, and possibly other versions before 1.2.4, allows remote attackers to inject arbitrary web script or HTML via the quicksearch_ContentContent parameter.... Read more

    Affected Products : impresscms
    • Published: Dec. 29, 2010
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2010-4667

    Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery (CPG) before 1.4.27 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : coppermine_photo_gallery
    • Published: Jun. 14, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2009-2107

    Multiple cross-site scripting (XSS) vulnerabilities in index.php in Webmedia Explorer (webmex) 5.09 and 5.10 allow remote attackers to inject arbitrary web script or HTML via event handlers such as onmouseover in the (1) search or (2) tag parameters; (3) ... Read more

    Affected Products : webmedia_explorer
    • Published: Jun. 17, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2010-1625

    Cross-site scripting (XSS) vulnerability in LXR Cross Referencer before 0.9.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the search body and the results page for a search, a different vulnerability than CVE-2009-... Read more

    Affected Products : lxr_cross_referencer lxr
    • Published: Jun. 24, 2010
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2009-2153

    Cross-site scripting (XSS) vulnerability in index.php in Impleo Music Collection 2.0 allows remote attackers to inject arbitrary web script or HTML via the sort parameter.... Read more

    Affected Products : impleo_music_collection
    • Published: Jun. 22, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-2126

    Cross-site scripting (XSS) vulnerability in close_bug.php in Elvin before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the title (aka subject) field.... Read more

    Affected Products : elvinbts
    • Published: Jun. 19, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2021-44697

    Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Expl... Read more

    Affected Products : macos windows audition
    • Published: Dec. 20, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2009-5000

    Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.3-P8AE-FP003 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters ... Read more

    Affected Products : filenet_p8_application_engine
    • Published: Sep. 20, 2010
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2010-1614

    Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the Login-As feature or (2) when the global search feature is... Read more

    Affected Products : moodle
    • Published: Apr. 29, 2010
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2010-3762

    ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (daemon crash) via a DNS query.... Read more

    Affected Products : bind
    • Published: Oct. 05, 2010
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2010-1594

    Multiple cross-site scripting (XSS) vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to inject arbitrary web script or HTML via (1) the query string, (2) the BASE parameter, or (3) the ega_1 parameter. NOTE: some ... Read more

    Affected Products : ocs_inventory_ng
    • Published: Apr. 28, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 294120 Results