Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2015-2648

    Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.... Read more

    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-2697

    The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field with... Read more

    • Published: Nov. 09, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-2139

    HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5... Read more

    • Published: Aug. 27, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-2136

    HP ArcSight Logger before 6.0 P2 allows remote authenticated users to bypass the intended authorization policy via unspecified vectors.... Read more

    Affected Products : arcsight_logger
    • Published: Sep. 16, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2024-12292

    An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, where sensitive information passed in GraphQL mutations may have been retained i... Read more

    Affected Products : gitlab
    • Published: Dec. 12, 2024
    • Modified: Jul. 11, 2025

  • 4.0

    MEDIUM
    CVE-2010-2634

    RSA enVision before 3.7 SP1 allows remote authenticated users to cause a denial of service via unspecified vectors.... Read more

    Affected Products : envision
    • Published: Aug. 10, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2010-3516

    Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability via unknown vectors related to InfiniBand.... Read more

    Affected Products : solaris opensolaris
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2012-0102

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.... Read more

    Affected Products : mysql mysql
    • Published: Jan. 18, 2012
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2010-2398

    Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft and JDEdwards Suite HCM 9.0 Bundle #12 allows remote authenticated users to affect confidentiality via unknown vectors.... Read more

    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2010-2230

    The KSES text cleaning filter in lib/weblib.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via HTML input.... Read more

    Affected Products : moodle
    • Published: Jun. 28, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2020-14564

    Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Environment Mgmt Console). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows high privileged attacker with ... Read more

    Affected Products : peoplesoft_enterprise_peopletools
    • Published: Jul. 15, 2020
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2010-2406

    Unspecified vulnerability in the Siebel Core - Highly Interactive Client component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3 allows remote authenticated users to affect confidentiality via unknown vectors.... Read more

    Affected Products : siebel_suite
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2010-3540

    Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to ZFS.... Read more

    Affected Products : solaris opensolaris
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2012-4090

    The management interface in Cisco NX-OS on Nexus 7000 devices allows remote authenticated users to obtain sensitive configuration-file information by leveraging the network-operator role, aka Bug ID CSCti09089.... Read more

    • Published: Oct. 05, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2010-1560

    Buffer overflow in the REPEAT function in IBM DB2 9.1 before FP9 allows remote authenticated users to cause a denial of service (trap) via unspecified vectors. NOTE: this might overlap CVE-2010-0462.... Read more

    Affected Products : db2
    • Published: Apr. 27, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2010-2417

    Unspecified vulnerability in the Agile PLM component in Oracle Supply Chain Products Suite 9.3.0.0 allows remote authenticated users to affect integrity via unknown vectors.... Read more

    Affected Products : supply_chain_products_suite
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2009-1873

    Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter.... Read more

    Affected Products : jrun
    • Published: Aug. 18, 2009
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2010-2149

    Session fixation vulnerability in Fujitsu e-Pares V01 L01, L03, L10, L20, L30 allows remote attackers to hijack web sessions via unspecified vectors.... Read more

    Affected Products : e-pares
    • Published: Jun. 03, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2010-3840

    The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a craft... Read more

    Affected Products : mysql mysql
    • Published: Jan. 14, 2011
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2010-3528

    Unspecified vulnerability in the PeopleSoft Enterprise CRM - Common Components component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #41, 9.0 Bundle #28, and 9.1 Bundle #4 allows remote authenticated users to affect confidentiality via unknown vec... Read more

    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 293548 Results