Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2019-15662

    An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120444 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an arbitrary read primitive that can be used as part of a chai... Read more

    Affected Products : killer_control_center
    • Published: Mar. 20, 2020
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2013-6695

    The RBAC implementation in Cisco Secure Access Control System (ACS) does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaini... Read more

    Affected Products : secure_access_control_system
    • Published: Dec. 02, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2021-25359

    An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications.... Read more

    Affected Products : android dex
    • Published: Apr. 09, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2014-2185

    The Call Detail Records (CDR) Management component in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCun74374.... Read more

    Affected Products : unified_communications_manager
    • Published: Apr. 29, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2022-27657

    A highly privileged remote attacker, can gain unauthorized access to display contents of restricted directories by exploiting insufficient validation of path information in SAP Focused Run (Simple Diagnostics Agent 1.0) - version 1.0.... Read more

    Affected Products : focused_run
    • Published: Apr. 12, 2022
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2010-4545

    IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (resource consumption and sync outage) by syncing a large volume of data.... Read more

    Affected Products : lotus_notes_traveler notes_traveler
    • Published: Dec. 16, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2015-0189

    The cluster repository manager in IBM WebSphere MQ 7.5 before 7.5.0.5 and 8.0 before 8.0.0.2 allows remote authenticated administrators to cause a denial of service (memory overwrite and daemon outage) by triggering multiple transmit-queue records.... Read more

    Affected Products : websphere_mq
    • Published: May. 20, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-0739

    The Lights-Out Management (LOM) implementation in Cisco FireSIGHT System Software 5.3.0 on Sourcefire 3D Sensor devices allows remote authenticated users to perform arbitrary Baseboard Management Controller (BMC) file uploads via unspecified vectors, aka ... Read more

    • Published: May. 19, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2013-1216

    Memory leak in the SNMP module in Cisco IOS XR allows remote authenticated users to cause a denial of service (memory consumption and process restart) via crafted SNMP packets, aka Bug ID CSCue31546.... Read more

    Affected Products : ios_xr
    • Published: Apr. 29, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2020-15101

    In freewvs before 0.1.1, a directory structure of more than 1000 nested directories can interrupt a freewvs scan due to Python's recursion limit and os.walk(). This can be problematic in a case where an administrator scans the dirs of potentially untruste... Read more

    Affected Products : freewvs
    • Published: Jul. 14, 2020
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2024-36795

    Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to access URLs and directories embedded within the firmware via unspecified vectors.... Read more

    Affected Products : wnr614_firmware wnr614
    • Published: Jun. 06, 2024
    • Modified: May. 29, 2025

  • 4.0

    MEDIUM
    CVE-2019-4218

    IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 159227.... Read more

    Affected Products : security_information_queue
    • Published: Jun. 06, 2019
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2023-43081

    PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default permissions vulnerability in ddfscon component. A low Privileged local attacker could potentially exploit this vulnerability, leading to overwriting of log files. ... Read more

    • Published: Nov. 22, 2023
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2009-5001

    The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.2-P8AE-FP002 grants a document's Creator-Owner full control over an annotation object, even if the default instance security has changed, which might allow r... Read more

    Affected Products : filenet_p8_application_engine
    • Published: Sep. 20, 2010
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2014-6028

    TorrentFlux 2.4 allows remote authenticated users to obtain other users' cookies via the cid parameter in an editCookies action to profile.php.... Read more

    Affected Products : torrentflux torrentflux
    • Published: Sep. 05, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2018-1993

    IBM Spectrum Scale (GPFS) 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 where the use of Local Read Only Cache (LROC) is enabled may caused read operation on a file to return data from a different file. IBM X-Force ID: 154440.... Read more

    Affected Products : spectrum_scale
    • Published: Jan. 08, 2019
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2013-1139

    The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCud81134.... Read more

    Affected Products : cloud_portal
    • Published: Feb. 27, 2013
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2006-1621

    Directory traversal vulnerability in admin/folders/saveuploadfiles.asp in Hosting Controller 2002 RC 1 allows remote authenticated users to overwrite arbitrary files via an absolute path in the OpenPath parameter.... Read more

    Affected Products : hosting_controller
    • Published: Apr. 05, 2006
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2012-5061

    Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, 11.0.0 through 11.4.0, and 12.0.0 allows remote authenticated users to affect confid... Read more

    Affected Products : financial_services_software
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2013-2313

    Session fixation vulnerability in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers to hijack web sessions via unspecified vectors.... Read more

    Affected Products : ec-cube ec-cube
    • Published: May. 29, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 294328 Results