Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2013-5013

    Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.2 allow remote attackers to inject arbitrary web script or HTML via (1) vectors involving PHP scripts and (2) unspecified ot... Read more

    Affected Products : web_gateway
    • Published: Feb. 11, 2014
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2008-3873

    The System.setClipboard method in ActionScript in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to populate the clipboard with a URL that is difficult to delete and does not require user interaction to populate the clipboard, as exploit... Read more

    Affected Products : flash_player
    • Published: Aug. 29, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2014-0433

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.... Read more

    Affected Products : mysql
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2013-1759

    Cross-site scripting (XSS) vulnerability in the Responsive Logo Slideshow plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the "URL and Image" field.... Read more

    Affected Products : responsive_logo_slideshow
    • Published: Mar. 14, 2014
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2013-5005

    Multiple cross-site scripting (XSS) vulnerabilities in ajaxRequest/methodCall.do in Tripwire Enterprise 8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) m_target_class_name, (2) m_target_method_name, or (3) m_reque... Read more

    Affected Products : tripwire_enterprise
    • Published: Jan. 29, 2014
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2010-0433

    The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NU... Read more

    Affected Products : openssl
    • Published: Mar. 05, 2010
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2013-4996

    Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted database name, (2) a crafted user name, (3) a... Read more

    Affected Products : phpmyadmin
    • Published: Jul. 31, 2013
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2013-1636

    Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 through 4.2.9 ... Read more

    • Published: Mar. 12, 2014
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2014-0445

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect integrity via vectors related to PIA Core Technology, a different vulnerability than CVE-2014-0381.... Read more

    Affected Products : peoplesoft_products
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2017-13852

    An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to monitor arbit... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2013-4950

    Cross-site scripting (XSS) vulnerability in view.php in Machform 2 allows remote attackers to inject arbitrary web script or HTML via the element_2 parameter.... Read more

    Affected Products : machform machform
    • Published: Jul. 29, 2013
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2017-1226

    IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) generates an error message in error logs that includes sensitive information about its environment which could be used in further attacks against the system. IBM X-Force ID: 123905.... Read more

    Affected Products : bigfix_platform
    • Published: Oct. 26, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2013-4941

    Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 3.2.0 through 3.9.1, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.1, and other products, al... Read more

    Affected Products : moodle yui yui
    • Published: Jul. 29, 2013
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2022-21383

    Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications (component: Log). Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows low privileged attacker with network access v... Read more

    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2014-0463

    Unspecified vulnerability in Oracle Java SE 8 allows remote attackers to affect confidentiality via unknown vectors related to Scripting, a different vulnerability than CVE-2014-0464.... Read more

    Affected Products : jdk jre
    • Published: Apr. 16, 2014
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2013-4939

    Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility component in Yahoo! YUI 3.0.0 through 3.9.1, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.1, and other products, allows... Read more

    Affected Products : moodle yui yui
    • Published: Jul. 29, 2013
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2013-4935

    The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attacker... Read more

    Affected Products : wireshark
    • Published: Jul. 30, 2013
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2014-2191

    Cross-site scripting (XSS) vulnerability in the web framework in Cisco Broadcast Access Center for Telco and Wireless (aka BAC-TW) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun91113.... Read more

    • Published: May. 07, 2014
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2013-4579

    The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers... Read more

    Affected Products : linux_kernel
    • Published: Nov. 20, 2013
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2014-0521

    Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a crafted PDF document.... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: May. 14, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 294210 Results