Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2007-3875

    arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" ... Read more

    • Published: Jul. 26, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-3978

    Session fixation vulnerability in bwired allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.... Read more

    Affected Products : bwired
    • Published: Jul. 25, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-3989

    Multiple cross-site scripting (XSS) vulnerabilities in default.asp in Dora Emlak 1.0, when the goster parameter is set to iletisim, allow remote attackers to inject arbitrary web script or HTML via the (1) Adiniz and (2) Soyadiniz parameters; and possibly... Read more

    Affected Products : dora_emlak
    • Published: Jul. 25, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-3975

    Cross-site scripting (XSS) vulnerability in index.php in Elite Forum 1.0.0.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter in a ptopic action, a different vulnerability than CVE-2005-3412.... Read more

    Affected Products : elite_forum
    • Published: Jul. 25, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-3940

    Cross-site scripting (XSS) vulnerability in default.asp in QuickerSite 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the svalue parameter in a search action. NOTE: some of these details are obtained from third party information... Read more

    Affected Products : quickersite
    • Published: Jul. 21, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-3885

    Cross-site scripting (XSS) vulnerability in philboard_search.asp in husrevforum 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: the provenance of this information is unknown; the details are obtai... Read more

    Affected Products : husrevforum
    • Published: Jul. 18, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2013-0512

    Stack-based buffer overflow in the Manual Explore browser plug-in for Firefox in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to cause a denial of service (plug-in... Read more

    • Published: Mar. 29, 2013
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2007-3887

    Multiple cross-site scripting (XSS) vulnerabilities in mesaj_formu.asp in ASP Ziyaretci Defteri 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Isim, (2) Mesajiniz, and (3) E-posta fields. NOTE: these probably correspond to ... Read more

    Affected Products : asp_ziyaretci_defteri
    • Published: Jul. 18, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-3726

    Integer signedness error in the SET_VALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted RAR archive that causes a... Read more

    Affected Products : unrar
    • Published: Jul. 12, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2013-2404

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect integrity via unknown vectors related to Portal, a different vulnerability than CVE-2013-3818... Read more

    Affected Products : peoplesoft_products
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2013-2408

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect integrity via vectors related to PIA Core Technology and use of Internet Explorer 6.... Read more

    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2007-3657

    Mozilla Firefox 2.0.0.4 allows remote attackers to cause a denial of service by opening multiple tabs in a popup window. NOTE: this issue has been disputed by third party researchers, stating that "this does not crash on me, and I can't see a likely mech... Read more

    Affected Products : firefox
    • Published: Jul. 10, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-3640

    Adobe Integrated Runtime (AIR, aka Apollo) allows context-dependent attackers to modify arbitrary files within an executing .air file (compiled AIR application) and perform cross-site scripting (XSS) attacks, as demonstrated by an application that modifie... Read more

    Affected Products : adobe_air
    • Published: Jul. 10, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-3596

    inc/vul_check.inc in phpVideoPro before 0.8.8 permits non-alphanumeric characters in the sess_id parameter, which has unknown impact and remote attack vectors, probably cross-site scripting (XSS).... Read more

    Affected Products : phpvideopro
    • Published: Jul. 06, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-3569

    Multiple cross-site scripting (XSS) vulnerabilities in Oliver Library Management System allow remote attackers to inject arbitrary web script or HTML via the (1) updateform and (2) displayform parameter to (a) gateway/gateway.exe; the (3) TERMS, (4) datab... Read more

    Affected Products : oliver_library_management_system
    • Published: Jul. 05, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2013-2311

    Cross-site scripting (XSS) vulnerability in static/js/share.js (aka the social bookmarking widget) in Web2py before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : web2py
    • Published: May. 22, 2013
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2012-6563

    engine/lib/access.php in Elgg before 1.8.5 does not properly clear cached access lists during plugin boot, which allows remote attackers to read private entities via unspecified vectors.... Read more

    Affected Products : elgg
    • Published: May. 23, 2013
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2012-6556

    Multiple cross-site scripting (XSS) vulnerabilities in the FirstLastNames plugin 1.1.1 for Vanilla Forums allow remote attackers to inject arbitrary web script or HTML via the (1) User/FirstName or (2) User/LastName parameter to the edit user page. NOTE:... Read more

    Affected Products : firstlastnames
    • Published: May. 23, 2013
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2013-2337

    Cross-site scripting (XSS) vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : service_manager service_center
    • Published: Jun. 14, 2013
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2007-3517

    Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.3 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF) to (1) index.php, (2) demo/claroline170/index.php, and possibly other scripts.... Read more

    Affected Products : claroline
    • Published: Jul. 03, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 294522 Results