Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2015-0432

    Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.... Read more

    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-3181

    files/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not consider the moodle/user:manageownfiles capability before approving a private-file upload, which allows remote authenticated users to b... Read more

    Affected Products : moodle
    • Published: Jun. 01, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2004-2769

    Cerberus FTP Server before 4.0.3.0 allows remote authenticated users to list hidden files, even when the "Display hidden files" option is enabled, via the (1) MLSD or (2) MLST commands.... Read more

    Affected Products : ftp_server
    • Published: Jul. 02, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2021-28376

    ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files.... Read more

    Affected Products : chronoforums
    • Published: Jan. 12, 2022
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2017-1000369

    Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that... Read more

    Affected Products : debian_linux exim
    • Published: Jun. 19, 2017
    • Modified: Apr. 20, 2025

  • 4.0

    MEDIUM
    CVE-2021-2340

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol... Read more

    • Published: Jul. 21, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2020-4726

    The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 187975.... Read more

    • Published: Mar. 02, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2015-0465

    Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, and 6.3.6 allows remote authenticated users to affect confidentiality via unknown vectors... Read more

    Affected Products : supply_chain_products_suite
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2020-4371

    IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains sensitive information in leftover debug code that could be used aid a local user in further attacks against the system. IBM X-Force ID: 179008.... Read more

    Affected Products : verify_gateway
    • Published: Jul. 22, 2020
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2015-0500

    Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.... Read more

    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-0215

    calendar/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to obtain sensitive calendar-event information via a web-services request.... Read more

    Affected Products : moodle
    • Published: Jun. 01, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2024-32633

    An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way.... Read more

    Affected Products :
    • Published: Apr. 16, 2024
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2015-0475

    Unspecified vulnerability in the JD Edwards EnterpriseOne Technology component in Oracle JD Edwards Products 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Web Runtime Security.... Read more

    Affected Products : jd_edwards_products
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-1456

    Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and passwords in cleartext, which allows remote administrators to obtain sensitive information by reading the log at debug/startup/.... Read more

    Affected Products : fortiauthenticator
    • Published: Feb. 03, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2014-8072

    The administration module in OpenMRS 2.1 Standalone Edition allows remote authenticated users to obtain read access via a direct request to /admin.... Read more

    Affected Products : openmrs
    • Published: Oct. 23, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-0260

    RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated users to obtain API keys and other sensitive information via the get_repo API method.... Read more

    • Published: Feb. 16, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2014-9623

    OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image in the saving state.... Read more

    • Published: Jan. 23, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-0423

    Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.... Read more

    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-0405

    Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.... Read more

    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2014-2452

    Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5 allows remote authenticated users to affect availability via unknown vectors related to Webserver Plugin.... Read more

    Affected Products : fusion_middleware
    • Published: Apr. 16, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 294853 Results