Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2021-29974

    When network partitioning was enabled, e.g. as a result of Enhanced Tracking Protection settings, a TLS error page would allow the user to override an error on a domain which had specified HTTP Strict Transport Security (which implies that the error shoul... Read more

    Affected Products : firefox
    • Published: Aug. 05, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-29963

    Address bar search suggestions in private browsing mode were re-using session data from normal mode. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.... Read more

    Affected Products : firefox
    • Published: Jun. 24, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2024-4767

    If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and ... Read more

    • Published: May. 14, 2024
    • Modified: Apr. 01, 2025

  • 4.3

    MEDIUM
    CVE-2017-5119

    Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.... Read more

    Affected Products : debian_linux chrome
    • Published: Oct. 27, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2024-4006

    An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes were not honored by GraphQL... Read more

    Affected Products : gitlab
    • Published: Apr. 25, 2024
    • Modified: Dec. 12, 2024

  • 4.3

    MEDIUM
    CVE-2021-30159

    An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Users can bypass intended restrictions on deleting pages in certain "fast double move" situations. MovePage::isValidMoveTarget() uses FOR UPDATE, but it's only ca... Read more

    Affected Products : fedora debian_linux mediawiki
    • Published: Apr. 09, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2017-5096

    Insufficient policy enforcement during navigation between different schemes in Google Chrome prior to 60.0.3112.78 for Android allowed a remote attacker to perform cross origin content download via a crafted HTML page, related to intents.... Read more

    Affected Products : android chrome
    • Published: Oct. 27, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2017-5079

    Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page.... Read more

    • Published: Oct. 27, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2017-11848

    Internet Explorer in Microsoft Microsoft Windows 7 SP1, Windows Server 2008 SP2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker t... Read more

    • Published: Nov. 15, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2017-5001

    EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. A remote low privileged attacker may potentially exploit this vulnerability to use information disclosed in ... Read more

    Affected Products : rsa_archer_egrc
    • Published: Jul. 07, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2021-2033

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core Components). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows low privilege... Read more

    Affected Products : weblogic_server
    • Published: Jan. 20, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2017-11844

    Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, version 1709 allows an attacker to obtain information to further compromise the user's system, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Discl... Read more

    Affected Products : edge windows_10 windows_server
    • Published: Nov. 15, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2021-30155

    An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. ContentModelChange does not check if a user has correct permissions to create and set the content model of a nonexistent page.... Read more

    Affected Products : fedora debian_linux mediawiki
    • Published: Apr. 09, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2018-6041

    Incorrect security UI in navigation in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.... Read more

    • Published: Sep. 25, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2016-8330

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protoco... Read more

    Affected Products : solaris
    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2021-30630

    Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.... Read more

    Affected Products : fedora chrome edge_chromium
    • Published: Oct. 08, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2018-6051

    XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page.... Read more

    • Published: Sep. 25, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-2153

    Vulnerability in the Oracle Internet Expenses product of Oracle E-Business Suite (component: Mobile Expenses). Supported versions that are affected are 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access vi... Read more

    Affected Products : internet_expenses
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-2155

    Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Documents). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with ... Read more

    Affected Products : one-to-one_fulfillment
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-30589

    Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link.... Read more

    Affected Products : fedora chrome edge_chromium
    • Published: Aug. 03, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293685 Results