Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.5

    LOW
    CVE-2024-47526

    LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting (Self-XSS) vulnerability in the "Alert Templates" feature allows users to inject arbitrary JavaScript into the alert template's name. This script execu... Read more

    Affected Products : librenms
    • Published: Oct. 01, 2024
    • Modified: Dec. 19, 2024

  • 3.5

    LOW
    CVE-2024-47799

    Exposure of sensitive system information to an unauthorized control sphere issue exists in Mesh Wi-Fi router RP562B firmware version v1.0.2 and earlier. If this vulnerability is exploited, a network-adjacent authenticated attacker may obtain information o... Read more

    Affected Products :
    • Published: Nov. 12, 2024
    • Modified: Nov. 12, 2024

  • 3.5

    LOW
    CVE-2017-3603

    Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows low privil... Read more

    Affected Products : webcenter_sites
    • EPSS Score: %0.23
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.5

    LOW
    CVE-2025-49462

    Cross-site scripting in certain Zoom Clients before version 6.4.5 may allow an authenticated user to conduct a disclosure of information via network access.... Read more

    Affected Products : zoom
    • Published: Jul. 10, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Information Disclosure

  • 3.5

    LOW
    CVE-2013-1833

    Multiple cross-site scripting (XSS) vulnerabilities in the File Picker module in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafte... Read more

    Affected Products : moodle
    • EPSS Score: %0.21
    • Published: Mar. 25, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2016-0610

    Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and MariaDB before 10.0.22 and 10.1.x before 10.1.9 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.... Read more

    • EPSS Score: %0.63
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-4895

    Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.... Read more

    • EPSS Score: %0.54
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2021-20677

    UNIVERGE Aspire series PBX (UNIVERGE Aspire WX from 1.00 to 3.51, UNIVERGE Aspire UX from 1.00 to 9.70, UNIVERGE SV9100 from 1.00 to 10.70, and SL2100 from 1.00 to 3.00) allows a remote authenticated attacker to cause system down and a denial of service (... Read more

    • EPSS Score: %0.30
    • Published: Mar. 26, 2021
    • Modified: Nov. 21, 2024

  • 3.5

    LOW
    CVE-2014-6599

    Unspecified vulnerability in the Siebel Core - Common Components component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Email.... Read more

    Affected Products : siebel_crm
    • EPSS Score: %0.17
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2013-2364

    Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : system_management_homepage
    • EPSS Score: %0.19
    • Published: Jul. 22, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2021-20761

    Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker with an administrative privilege to alter the data of E-mail without the appropriate privilege.... Read more

    Affected Products : garoon
    • EPSS Score: %0.15
    • Published: Aug. 18, 2021
    • Modified: Nov. 21, 2024

  • 3.5

    LOW
    CVE-2013-1290

    Microsoft SharePoint Server 2013, in certain configurations involving legacy My Sites, does not properly establish default access controls for a SharePoint list, which allows remote authenticated users to bypass intended restrictions on reading list items... Read more

    Affected Products : sharepoint_server
    • EPSS Score: %19.29
    • Published: Apr. 09, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2011-0311

    The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consu... Read more

    Affected Products : java runtimes_for_java_technology
    • EPSS Score: %0.79
    • Published: Sep. 02, 2011
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2025-38746

    Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Inf... Read more

    Affected Products : supportassist_os_recovery
    • Published: Aug. 06, 2025
    • Modified: Aug. 18, 2025
    • Vuln Type: Information Disclosure

  • 3.5

    LOW
    CVE-2016-1500

    ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2, when the "file_versions" application is enabled, does not properly check the return value of getOwner, which allows remote authenticated users to read the file... Read more

    Affected Products : owncloud owncloud_server
    • EPSS Score: %0.29
    • Published: Jan. 08, 2016
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-4737

    Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.... Read more

    Affected Products : ubuntu_linux debian_linux mysql solaris
    • EPSS Score: %0.24
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2013-2040

    Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.15, 4.5.x before 4.5.11, and 5.0.x before 5.0.6 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : owncloud owncloud_server
    • EPSS Score: %0.18
    • Published: Mar. 14, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2013-1503

    Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 and 11.1.1.6.0 allows remote authenticated users to affect integrity via unknown vectors related to Content Server.... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.14
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2015-2108

    Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.... Read more

    Affected Products : operations_orchestration
    • EPSS Score: %0.18
    • Published: Mar. 31, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2021-39163

    Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limit... Read more

    Affected Products : fedora synapse
    • EPSS Score: %0.27
    • Published: Aug. 31, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292650 Results