Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2015-1883

    IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to read certain administrative files via crafted use of an automated-maintenance policy stored procedure.... Read more

    Affected Products : db2
    • Published: Jul. 20, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2014-1682

    The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 allows remote authenticated users to spoof arbitrary users via the user name in a user.login request.... Read more

    Affected Products : fedora zabbix
    • Published: May. 08, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-2266

    message/index.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 does not consider the moodle/site:readallmessages capability before accessing arbitrary conversations, which allows remote authenticated users to obt... Read more

    Affected Products : moodle
    • Published: Jun. 01, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2013-2130

    ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp.... Read more

    Affected Products : znc
    • Published: Jun. 05, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2013-2079

    mod/assign/locallib.php in the assignment module in Moodle 2.3.x before 2.3.7 and 2.4.x before 2.4.4 does not consider capability requirements during the processing of ZIP assignment-archive download (aka downloadall) requests, which allows remote authent... Read more

    Affected Products : moodle
    • Published: May. 25, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2013-2039

    Directory traversal vulnerability in lib/files/view.php in ownCloud before 4.0.15, 4.5.x 4.5.11, and 5.x before 5.0.6 allows remote authenticated users to access arbitrary files via unspecified vectors.... Read more

    Affected Products : owncloud owncloud_server
    • Published: Mar. 14, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2013-1838

    OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service (resource exhaustion and failure to spawn new instances) via a la... Read more

    Affected Products : ubuntu_linux nova folsom grizzly essex
    • Published: Mar. 22, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2013-1772

    The log_prefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service (buffer overflow and system crash) by leveraging /dev/kms... Read more

    Affected Products : linux_kernel
    • Published: Feb. 28, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2013-1544

    Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.... Read more

    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2013-1532

    Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema.... Read more

    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2007-5239

    Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (2) ap... Read more

    Affected Products : jre sdk jdk
    • Published: Oct. 06, 2007
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2023-50306

    IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable response discrepancy. IBM X-Force ID: 273337.... Read more

    Affected Products : common_licensing
    • Published: Feb. 20, 2024
    • Modified: Feb. 12, 2025

  • 4.0

    MEDIUM
    CVE-2013-0544

    Directory traversal vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Linux and UNIX allows remote authenticated users to modify da... Read more

    • Published: Apr. 24, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2013-0467

    IBM Eclipse Help System (IEHS), as used in IBM Data Studio 3.1 and 3.1.1 and other products, allows remote authenticated users to read source code via a crafted URL.... Read more

    Affected Products : data_studio
    • Published: Feb. 21, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2013-0454

    The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users ... Read more

    Affected Products : ubuntu_linux samba storwize
    • Published: Mar. 26, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2015-5413

    HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to gain privileges and obtain sensitive information via unspecified vectors.... Read more

    • Published: Aug. 26, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2012-2655

    PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language... Read more

    Affected Products : postgresql
    • Published: Jul. 18, 2012
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2012-1756

    Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.... Read more

    Affected Products : mysql mariadb
    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2012-1734

    Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.... Read more

    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2012-1697

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.... Read more

    Affected Products : mysql mariadb
    • Published: May. 03, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 293358 Results