Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2010-3701

    lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows remote authenticated users to cause a denial of service (stack memory exhaustion and broker crash) via a large persistent message.... Read more

    Affected Products : enterprise_mrg enterprise_mrg
    • EPSS Score: %0.62
    • Published: Oct. 12, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2012-4583

    McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to obtain the session tokens of arbitrary users by navigating within the Dashboard.... Read more

    • EPSS Score: %0.16
    • Published: Aug. 22, 2012
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2021-31404

    Non-constant-time comparison of CSRF tokens in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.13 (Vaadin 10.0.0 through 10.0.16), 1.1.0 prior to 2.0.0 (Vaadin 11 prior to 14), 2.0.0 through 2.4.6 (Vaadin 14.0.0 through 14.4.6), ... Read more

    Affected Products : vaadin flow flow-server
    • EPSS Score: %0.05
    • Published: Apr. 23, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2013-5847

    Unspecified vulnerability in the PeopleSoft Enterprise HRMS eCompensation component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to eCompensation.... Read more

    Affected Products : peoplesoft_products
    • EPSS Score: %0.19
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2012-4020

    MosP kintai kanri before 4.1.0 does not enforce privilege requirements, which allows remote authenticated users to read other users' information via unspecified vectors.... Read more

    Affected Products : kintai_kanri
    • EPSS Score: %0.22
    • Published: Nov. 08, 2012
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2014-4759

    An unspecified Ajax service in the Content Management toolkit in IBM Business Process Manager (BPM) 8.5.x through 8.5.5 allows remote authenticated users to obtain sensitive information by performing a document-attachment search and then reading document ... Read more

    Affected Products : business_process_manager
    • EPSS Score: %0.18
    • Published: Sep. 04, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2024-20900

    Improper authentication in MTP application prior to SMR Jul-2024 Release 1 allows local attackers to enter MTP mode without proper authentication.... Read more

    Affected Products : android android dex
    • Published: Jul. 02, 2024
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2006-6964

    MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.... Read more

    Affected Products : mailenable_professional
    • EPSS Score: %0.11
    • Published: Jan. 29, 2007
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2015-4746

    Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0.0.7, 6.1.0.3, 6.1.1.5, and 6.2.0.0 allows remote authenticated users to affect confidentiality via unknown vectors r... Read more

    Affected Products : supply_chain_products_suite
    • EPSS Score: %0.20
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2008-2621

    Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CV... Read more

    • EPSS Score: %0.38
    • Published: Jul. 15, 2008
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2011-4817

    The About option on the Help menu in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM ... Read more

    • EPSS Score: %0.33
    • Published: Mar. 13, 2012
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2015-5433

    HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors.... Read more

    • EPSS Score: %0.21
    • Published: Aug. 27, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2008-3990

    Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3991.... Read more

    • EPSS Score: %0.56
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2023-50007

    FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component.... Read more

    Affected Products : fedora ffmpeg
    • Published: Apr. 19, 2024
    • Modified: Jun. 06, 2025

  • 4.0

    MEDIUM
    CVE-2021-22245

    Improper validation of commit author in GitLab CE/EE affecting all versions allowed an attacker to make several pages in a project impossible to view... Read more

    Affected Products : gitlab
    • EPSS Score: %0.40
    • Published: Aug. 25, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2021-2308

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple... Read more

    • EPSS Score: %0.20
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2005-3527

    Race condition in do_coredump in signal.c in Linux kernel 2.6 allows local users to cause a denial of service by triggering a core dump in one thread while another thread has a pending SIGSTOP.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.07
    • Published: Nov. 09, 2005
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2006-2894

    Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the char... Read more

    • EPSS Score: %6.90
    • Published: Jun. 07, 2006
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2007-6698

    The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerability.... Read more

    Affected Products : openldap
    • EPSS Score: %4.62
    • Published: Feb. 01, 2008
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2006-2685

    PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (... Read more

    • EPSS Score: %85.60
    • Published: May. 31, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 291878 Results