Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2010-4787

    IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote authenticated users to cause a denial of service (daemon hang) via a paged search that triggers improper mutex processing.... Read more

    Affected Products : tivoli_directory_server
    • Published: Apr. 21, 2011
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2008-1301

    Absolute path traversal vulnerability in system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp in Alkacon OpenCms 7.0.3 and 7.0.4 allows remote authenticated administrators to read arbitrary files via a full pathname in the filePath.0 param... Read more

    Affected Products : opencms
    • Published: Mar. 12, 2008
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2008-4500

    Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted stou command, probably related to MS-DOS device names, as demonstrated using "con:1".... Read more

    Affected Products : serv-u_file_server serv-u
    • Published: Oct. 09, 2008
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-1999-0669

    The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.... Read more

    Affected Products : internet_explorer
    • Published: Sep. 01, 1999
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2009-4916

    Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (console hang) via a login action during failover replication, aka Bug ID ... Read more

    Affected Products : asa_5580
    • Published: Jun. 29, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2009-0507

    IBM WebSphere Process Server (WPS) 6.1.2 before 6.1.2.3 and 6.2 before 6.2.0.1 does not properly restrict configuration data during an export of the cluster configuration file from the administrative console, which allows remote authenticated users to obt... Read more

    Affected Products : websphere_process_server
    • Published: Feb. 26, 2009
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2009-4658

    Xerver 4.32 allows remote authenticated users to cause a denial of service (daemon crash) via a non-numeric web port assignment in the management interface. NOTE: this can be leveraged by non-authenticated attackers using CVE-2009-4657.... Read more

    Affected Products : xerver
    • Published: Mar. 03, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2009-5033

    IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle a "* *" argument sequence for a certain tell command, which allows remote authenticated users to obtain access to other users' data via a sync operation, related to storage of the data of mu... Read more

    Affected Products : lotus_notes_traveler notes_traveler
    • Published: Dec. 16, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2013-0367

    Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.... Read more

    Affected Products : ubuntu_linux mysql mariadb
    • Published: Jan. 17, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2006-5540

    backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via certain aggregate functions in an UPDATE statement, which are not properly handled during a "MIN/MAX index optimiza... Read more

    Affected Products : postgresql
    • Published: Oct. 26, 2006
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2009-5012

    ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to bypass intended access restrictions and list the root directory via an FTP session.... Read more

    Affected Products : pyftpdlib
    • Published: Oct. 19, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2009-5006

    The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote authenticated users to caus... Read more

    Affected Products : enterprise_mrg qpid
    • Published: Oct. 18, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2009-5034

    IBM Lotus Notes Traveler before 8.5.0.2 allows remote authenticated users to cause a denial of service (memory consumption and daemon crash) by syncing a large volume of data, related to the launch of a new process to handle the data while the previous pr... Read more

    Affected Products : lotus_notes_traveler notes_traveler
    • Published: Dec. 16, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2009-4774

    Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of service (panic) via unspecified vect... Read more

    Affected Products : solaris opensolaris
    • Published: Apr. 21, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2009-4800

    Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 allows remote authenticated users to delete arbitrary files via a ..// (dot dot slash slash) in a DELE command.... Read more

    Affected Products : multi_server
    • Published: Apr. 22, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2009-4467

    misc.php in DeluxeBB 1.3 allows remote attackers to register accounts without a valid email address via a valemail action with the valmem set to a pre-assigned user ID, which is visible from a memberlist action.... Read more

    Affected Products : deluxebb
    • Published: Dec. 30, 2009
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2009-4329

    Unspecified vulnerability in the Engine Utilities component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (segmentation fault) by modifying the db2ra data stream sent in a request from the Load Utility.... Read more

    Affected Products : db2
    • Published: Dec. 16, 2009
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2024-11586

    Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected.... Read more

    Affected Products : ubuntu_linux pulseaudio
    • Published: Nov. 23, 2024
    • Modified: Aug. 26, 2025

  • 4.0

    MEDIUM
    CVE-2007-6422

    The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb vari... Read more

    Affected Products : http_server
    • Published: Jan. 08, 2008
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2009-5073

    IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.59 (aka 6.0.0.8-TIV-ITDS-IF0001) allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) by adding a nested group that contains the Distinguished Name (DN) of its pa... Read more

    Affected Products : tivoli_directory_server
    • Published: Apr. 21, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 293425 Results