Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2011-2323

    Unspecified vulnerability in the Health Sciences - Oracle Thesaurus Management System component in Oracle Industry Applications 4.6.1 and 4.6.2 allows remote attackers to affect integrity, related to TMS Help.... Read more

    Affected Products : industry_applications
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2011-0893

    Cross-site scripting (XSS) vulnerability in HP Operations 9.10 on UNIX platforms allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : operations
    • Published: Apr. 04, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2015-2586

    Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.1 allows remote attackers to affect availability via unknown vectors.... Read more

    Affected Products : database_server
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2011-2316

    Unspecified vulnerability in the Siebel Apps - Marketing component in Oracle Siebel CRM 8.0.0 allows remote attackers to affect integrity via unknown vectors related to Email Marketing.... Read more

    Affected Products : siebel_crm
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2011-0849

    Unspecified vulnerability in Oracle Java Dynamic Management Kit 5.1 allows remote attackers to affect integrity, related to HTML Adaptor.... Read more

    Affected Products : java_dynamic_management_kit
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2011-0837

    Unspecified vulnerability in the Agile Technology Platform component in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 allows remote attackers to affect confidentiality via unknown vectors related to Security.... Read more

    Affected Products : supply_chain_products_suite
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2011-0909

    Cross-site scripting (XSS) vulnerability in Vanilla Forums before 2.0.17.6 allows remote attackers to inject arbitrary web script or HTML via the p parameter to an unspecified component, a different vulnerability than CVE-2011-0526.... Read more

    Affected Products : vanilla_forums vanilla
    • Published: Feb. 08, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2011-2743

    Multiple cross-site scripting (XSS) vulnerabilities in Chyrp 2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the action parameter to (1) the default URI or (2) includes/javascript.php, or the (3) title or (4) body paramet... Read more

    Affected Products : chyrp
    • Published: Jul. 19, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2011-0887

    The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the... Read more

    Affected Products : smcd3g-ccr smcd3g-ccr_firmware
    • Published: Feb. 08, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2009-0502

    Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4, allows remote attackers to inject arbitrary web script or HTML via an HTM... Read more

    Affected Products : moodle snoopy
    • Published: Feb. 10, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2011-1953

    Multiple cross-site scripting (XSS) vulnerabilities in common.php in Post Revolution before 0.8.0c-2 allow remote attackers to inject arbitrary web script or HTML via an attribute of a (1) P, a (2) STRONG, a (3) A, a (4) EM, a (5) I, a (6) IMG, a (7) LI, ... Read more

    Affected Products : post_revolution
    • Published: Jun. 06, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2011-0843

    Unspecified vulnerability in the Siebel CRM Core component in Oracle Siebel CRM 7.8.2, 8.0.0, and 8.1.1 allows remote attackers to affect integrity via unknown vectors related to Globalization - Automotive.... Read more

    Affected Products : siebel_crm
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2016-2155

    The grade-reporting feature in Singleview (aka Single View) in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/grade:manage capability, which allows remote authenticated users to modify "Exclude grade" s... Read more

    Affected Products : moodle
    • Published: May. 22, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2011-0791

    Unspecified vulnerability in the Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Data Export.... Read more

    Affected Products : e-business_suite
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2020-16201

    Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information.... Read more

    Affected Products : cncsoft_screeneditor
    • Published: Aug. 04, 2020
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2011-0844

    Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication.... Read more

    Affected Products : sun_products_suite
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2011-0805

    Unspecified vulnerability in the UIX component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect integrity via unknown vectors.... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2011-2771

    Multiple cross-site scripting (XSS) vulnerabilities in Mahara before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) URI attributes and (2) the External Feed component, as demonstrated by the guid element in ... Read more

    Affected Products : mahara
    • Published: Nov. 15, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2011-0828

    Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle #13 allows remote attackers to affect integrity via unknown vectors related to Application Portal.... Read more

    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2011-0770

    Cross-site scripting (XSS) vulnerability in Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 allows remote attackers to inject arbitrary web script or HTML via the Windows XP variable in a file.... Read more

    • Published: Jul. 19, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 293521 Results