Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2006-4460

    Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0.96 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : php_iaddressbook
    • Published: Aug. 31, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-3665

    SquirrelMail 1.4.6 and earlier, with register_globals enabled, allows remote attackers to hijack cookies in src/redirect.php via unknown vectors. NOTE: while "cookie theft" is frequently associated with XSS, the vendor disclosure is too vague to be certa... Read more

    Affected Products : squirrelmail change_passwd
    • Published: Jul. 18, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2011-0715

    The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.... Read more

    Affected Products : subversion
    • Published: Mar. 11, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2023-39327

    A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal.... Read more

    Affected Products : enterprise_linux openjpeg
    • Published: Jul. 13, 2024
    • Modified: Aug. 08, 2025

  • 4.3

    MEDIUM
    CVE-2011-0604

    Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vul... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2006-3624

    Multiple cross-site scripting (XSS) vulnerabilities in FLV Players 8 allow remote attackers to inject arbitrary web script or HTML via the url parameter to (1) player.php or (2) popup.php.... Read more

    Affected Products : flv_player
    • Published: Jul. 18, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-3607

    Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Banner Exchange Script (aka Banner Exchange Network Script) 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the city parameter in (a) insertmember.php, and (2) a PHPS... Read more

    Affected Products : banner_exchange
    • Published: Jul. 18, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2011-0315

    Cross-site scripting (XSS) vulnerability in the Servlet Engine / Web Container component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 allows remote attackers to inject arbitrary web script or HTML via vectors relat... Read more

    Affected Products : websphere_application_server
    • Published: Jan. 12, 2011
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2006-3564

    Multiple cross-site scripting (XSS) vulnerabilities in HiveMail 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the email, (2) cond, or (3) name parameters to (a) addressbook.view.php, (4) the daysprune parameter to (... Read more

    Affected Products : hivemail
    • Published: Jul. 13, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-3558

    Multiple cross-site scripting (XSS) vulnerabilities in Arif Supriyanto auraCMS 1.62 allow remote attackers to inject arbitrary web script or HTML via (1) the judul_artikel parameter in teman.php and (2) the title of an article sent to admin, which is disp... Read more

    Affected Products : auracms
    • Published: Jul. 13, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2012-4437

    Cross-site scripting (XSS) vulnerability in the SmartyException class in Smarty (aka smarty-php) before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger a Smarty exception.... Read more

    Affected Products : smarty
    • Published: Oct. 01, 2012
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2018-6225

    An XML external entity injection (XXE) vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an authenticated user to expose a normally protected configuration script.... Read more

    Affected Products : email_encryption_gateway
    • Published: Mar. 15, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2006-3539

    Multiple cross-site scripting (XSS) vulnerabilities in DKScript.com Dragon's Kingdom Script 1.0 allow remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the (1) Subject and (2) Message fi... Read more

    Affected Products : dragons_kingdom_script
    • Published: Jul. 13, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2018-6177

    Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.... Read more

    Affected Products : chrome
    • Published: Jun. 27, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2006-3476

    Cross-site scripting (XSS) vulnerability in comments.php in PhpWebGallery 1.5.2 and earlier, and possibly 1.6.0, allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.... Read more

    Affected Products : phpwebgallery
    • Published: Jul. 10, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-3436

    Cross-site scripting (XSS) vulnerability in Microsoft .NET Framework 2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving "ASP.NET controls that set the AutoPostBack property to true".... Read more

    Affected Products : .net_framework
    • Published: Oct. 10, 2006
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2018-7289

    An issue was discovered in armadito-windows-driver/src/communication.c in Armadito 0.12.7.2. Malware with filenames containing pure UTF-16 characters can bypass detection. The user-mode service will fail to open the file for scanning after the conversion ... Read more

    Affected Products : armadito_antivirus
    • Published: Feb. 21, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2012-4546

    The default configuration for IPA servers in Red Hat Enterprise Linux 6, when revoking a certificate from an Identity Management replica, does not properly update another Identity Management replica, which causes inconsistent Certificate Revocation Lists ... Read more

    Affected Products : enterprise_linux
    • Published: Apr. 03, 2013
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2006-2764

    Cross-site scripting (XSS) vulnerability in GuestbookXL 1.3 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in an IMG tag in a comment field to (1) guestwrite.php or (2) guestbook.php.... Read more

    Affected Products : guestbookxl
    • Published: Jun. 02, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-2757

    Cross-site scripting (XSS) vulnerability in Chipmunk guestbook allows remote attackers to inject arbitrary web script or HTML via the (1) start parameter in (a) index.php; (2) forumID parameter in index.php, (b) newtopic.php, and (c) reply.php; and (3) ID... Read more

    Affected Products : chipmunk_guestbook
    • Published: Jun. 02, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 293568 Results