Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2014-2185

    The Call Detail Records (CDR) Management component in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCun74374.... Read more

    Affected Products : unified_communications_manager
    • EPSS Score: %0.18
    • Published: Apr. 29, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2022-27657

    A highly privileged remote attacker, can gain unauthorized access to display contents of restricted directories by exploiting insufficient validation of path information in SAP Focused Run (Simple Diagnostics Agent 1.0) - version 1.0.... Read more

    Affected Products : focused_run
    • EPSS Score: %0.29
    • Published: Apr. 12, 2022
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2010-4334

    The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote attackers to bypass intended certificate restrictions.... Read more

    Affected Products : io-socket-ssl
    • EPSS Score: %0.56
    • Published: Jan. 14, 2011
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2008-5626

    XM Easy Personal FTP Server 5.6.0 allows remote authenticated users to cause a denial of service via a crafted argument to the NLST command, as demonstrated by a -1 argument.... Read more

    Affected Products : xm_easy_personal_ftp_server
    • EPSS Score: %79.29
    • Published: Dec. 17, 2008
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2019-4177

    IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158882.... Read more

    Affected Products : cognos_controller
    • EPSS Score: %0.05
    • Published: Jun. 17, 2019
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2020-15279

    An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion paths. This issue was discovered during external securi... Read more

    Affected Products : endpoint_security_tools
    • EPSS Score: %0.11
    • Published: May. 18, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2013-5383

    IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors, a different vulnerability than CVE-2013-5382.... Read more

    Affected Products : maximo_asset_management
    • EPSS Score: %0.23
    • Published: Oct. 01, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2011-0840

    Unspecified vulnerability in Oracle PeopleSoft Enterprise PeopleTools 8.49 GA through 8.49.30 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing.... Read more

    • EPSS Score: %0.17
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2019-19964

    On NETGEAR GS728TPS devices through 5.3.0.35, a remote attacker having network connectivity to the web-administration panel can access part of the web panel, bypassing authentication.... Read more

    Affected Products : gs728tps_firmware gs728tps
    • EPSS Score: %0.16
    • Published: Mar. 23, 2020
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2019-4054

    IBM QRadar SIEM 7.2 and 7.3 could allow a local user to obtain sensitive information when exporting content that could aid an attacker in further attacks against the system. IBM X-Force ID: 156563.... Read more

    • EPSS Score: %0.09
    • Published: Jul. 17, 2019
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2016-0587

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing.... Read more

    • EPSS Score: %0.17
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2014-6082

    IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote authenticated users to cause a denial of service (administration UI outage) via unspecified vectors.... Read more

    • EPSS Score: %0.91
    • Published: Dec. 18, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2006-2633

    Absolute path traversal vulnerability in the copy action in index.php in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to create or overwrite files in other users' directories by specifying the absolute path of the directory in... Read more

    Affected Products : bytehoard
    • EPSS Score: %0.44
    • Published: May. 30, 2006
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2014-8153

    The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to eac... Read more

    Affected Products : neutron router_advertisement_daemon
    • EPSS Score: %0.71
    • Published: Jan. 15, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2010-0406

    OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map.... Read more

    Affected Products : openttd
    • EPSS Score: %0.46
    • Published: May. 05, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2021-25504

    Intent redirection vulnerability in Group Sharing prior to 10.8.03.2 allows attacker to access contact information.... Read more

    Affected Products : group_sharing
    • EPSS Score: %0.07
    • Published: Nov. 05, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2015-4929

    IBM License Metric Tool 9 before 9.2.1.0 and Endpoint Manager for Software Use Analysis 9 before 9.2.1.0 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information via a REST API request.... Read more

    Affected Products : license_metric_tool
    • EPSS Score: %0.14
    • Published: Oct. 11, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2013-0479

    IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not properly restrict file types and extensions, which allows remote authenticated users to bypass intended access restrictions via a crafted filename.... Read more

    • EPSS Score: %0.12
    • Published: Jul. 03, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2022-29253

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with version 8.3-rc-1 and prior to versions 12.10.3 and 14.0, one can ask for any file located in the classloader using the template API and ... Read more

    Affected Products : xwiki
    • EPSS Score: %0.06
    • Published: May. 25, 2022
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2008-1263

    The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.... Read more

    Affected Products : wrt54g wrt54g_firmware
    • EPSS Score: %0.20
    • Published: Mar. 10, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 291902 Results