Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2012-3141

    Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, and 11.0.0 through 11.2.0 allows remote authenticated users to affect integrity, rel... Read more

    Affected Products : financial_services_software
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2012-3181

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect availability via unknown vectors related to Security.... Read more

    Affected Products : peoplesoft_products
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2012-3198

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51 and 8.52 allows remote authenticated users to affect availability via unknown vectors related to Query.... Read more

    Affected Products : peoplesoft_products
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2012-5090

    Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Document Reference Library.... Read more

    Affected Products : supply_chain_products_suite
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2012-4487

    The Subuser module before 6.x-1.8 for Drupal does not properly check "switch subuser" permissions, which allows remote authenticated parent users to change their role by switching to a subuser they created.... Read more

    Affected Products : drupal subuser
    • Published: Nov. 02, 2012
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2013-0678

    Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL query.... Read more

    Affected Products : simatic_pcs7 wincc
    • Published: Mar. 21, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2010-3502

    Unspecified vulnerability in the Siebel Core component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3 allows remote authenticated users to affect confidentiality via unknown vectors.... Read more

    Affected Products : siebel_suite
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2014-9466

    Open-Xchange (OX) AppSuite and Server before 7.4.2-rev42, 7.6.0 before 7.6.0-rev36, and 7.6.1 before 7.6.1-rev14 does not properly handle directory permissions, which allows remote authenticated users to read files via unspecified vectors, related to the ... Read more

    Affected Products : open-xchange_appsuite
    • Published: Feb. 17, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2010-4593

    The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to establish sess... Read more

    Affected Products : lotus_mobile_connect
    • Published: Dec. 22, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2010-4430

    Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdwards Suite 9.1 Update 2010-F allows remote authenticated users to affect confidentiality via unknown vectors related to Absence Management.... Read more

    • Published: Jan. 19, 2011
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2010-3522

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.49.28 and 8.50.12 allows remote authenticated users to affect confidentiality via unknown vectors.... Read more

    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2013-1514

    Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote authenticated users to affect integrity via vectors related to RMI Support.... Read more

    Affected Products : fusion_middleware
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2013-1509

    Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2, 11.1.1.6.0, and 11.1.1.6.1 allows remote authenticated users to affect integrity via unknown vectors related to WebCenter Sites.... Read more

    Affected Products : fusion_middleware
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2013-1568

    Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 5.3.3, 6.0.1, and 6.2.0 allows remote authenticated users to affect availability via unknown vectors related to CB.... Read more

    Affected Products : financial_services_software
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2007-3256

    Xythos Enterprise Document Manager (XEDM), Digital Locker (XDL), and possibly WebFile Server before 6.0.46.1 allow remote authenticated users to associate arbitrary Content-Type HTTP headers with documents, which might facilitate malware distribution.... Read more

    • Published: Jun. 27, 2007
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2015-0680

    Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests, which allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuq44439.... Read more

    Affected Products : unified_callmanager
    • Published: Mar. 28, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2013-3507

    The NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to obtain sensitive information via a direct request for (1) a configuration file, (2) a database dump, or (3) the Tomcat status context.... Read more

    Affected Products : groundwork_monitor
    • Published: May. 08, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2012-5427

    Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug ID CSCuc42518.... Read more

    Affected Products : ios
    • Published: Apr. 23, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2014-2460

    Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, 6.2, 6.3, 6.3.1, 6.3.2, and 6.3.3 allows remote authenticated users to affect confidentiality via vectors related to CSV Ma... Read more

    Affected Products : supply_chain_products_suite
    • Published: Apr. 16, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2014-2180

    The Document Management component in Cisco Unified Contact Center Express does not properly validate a parameter, which allows remote authenticated users to upload files to arbitrary pathnames via a crafted HTTP request, aka Bug ID CSCun74133.... Read more

    • Published: Apr. 29, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 294848 Results