Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.5

    LOW
    CVE-2012-1764

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect integrity, related to MCF.... Read more

    Affected Products : peoplesoft_products
    • EPSS Score: %0.38
    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2013-0591

    Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013... Read more

    Affected Products : lotus_inotes lotus_domino
    • EPSS Score: %0.17
    • Published: Aug. 27, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2013-0586

    Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : cognos_business_intelligence
    • EPSS Score: %0.20
    • Published: Aug. 27, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2014-8311

    SAP BusinessObjects Edge 4.0 allows remote attackers to obtain sensitive information via an InfoStore query to a CORBA listener.... Read more

    Affected Products : businessobjects
    • EPSS Score: %0.42
    • Published: Oct. 16, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2012-6565

    Cross-site scripting (XSS) vulnerability in REDCap before 4.14.3 allows remote authenticated users to inject arbitrary web script or HTML via uppercase characters in JavaScript events within user-defined labels.... Read more

    Affected Products : redcap redcap
    • EPSS Score: %0.16
    • Published: Jun. 17, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2014-8317

    Cross-site scripting (XSS) vulnerability in the Webform Validation module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a component name t... Read more

    Affected Products : webform_validation
    • EPSS Score: %0.25
    • Published: Oct. 17, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2014-8320

    Cross-site scripting (XSS) vulnerability in the Custom Search module 6.x-1.x before 6.x-1.12 and 7.x-1.x before 7.x-1.14 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the "Label text" fiel... Read more

    Affected Products : custom_search
    • EPSS Score: %0.25
    • Published: Oct. 17, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2013-4698

    Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines within the user's own mailbox.... Read more

    Affected Products : mailwise
    • EPSS Score: %0.22
    • Published: Aug. 16, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2008-2758

    Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute News Manager XE 3.2 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) pblname and (2) text parameters to (a) admin/search.asp, (3) name parame... Read more

    Affected Products : absolute_news_manager_xe
    • EPSS Score: %0.36
    • Published: Jun. 18, 2008
    • Modified: Apr. 09, 2025

  • 3.5

    LOW
    CVE-2012-5762

    Cross-site scripting (XSS) vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject arbitrary web script or HTML via vectors involving the MHTML protocol.... Read more

    Affected Products : netezza
    • EPSS Score: %0.17
    • Published: Feb. 20, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2011-5030

    Cross-site scripting (XSS) vulnerability in the Meta tags quick module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors, probably related to "names ... Read more

    Affected Products : drupal meta_tags_quick
    • EPSS Score: %0.18
    • Published: Dec. 29, 2011
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2014-8319

    Cross-site scripting (XSS) vulnerability in the easy_social_admin_summary function in the Easy Social module 7.x-2.x before 7.x-2.11 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a block t... Read more

    Affected Products : easy_social
    • EPSS Score: %0.25
    • Published: Oct. 17, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2012-5941

    Cross-site scripting (XSS) vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors.... Read more

    Affected Products : netezza
    • EPSS Score: %0.17
    • Published: Feb. 20, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2008-2768

    Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to inject arbitrary web script or HTML via unspecified vectors ("all fields").... Read more

    Affected Products : absolute_poll_manager_xe
    • EPSS Score: %0.24
    • Published: Jun. 18, 2008
    • Modified: Apr. 09, 2025

  • 3.5

    LOW
    CVE-2013-4048

    Cross-site scripting (XSS) vulnerability in IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving addition of script to... Read more

    • EPSS Score: %0.17
    • Published: Sep. 16, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2014-3903

    Cross-site scripting (XSS) vulnerability in the Cakifo theme 1.x before 1.6.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via crafted Exif data.... Read more

    Affected Products : cakifo
    • EPSS Score: %0.18
    • Published: Aug. 19, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2010-0801

    Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller p... Read more

    Affected Products : joomla\! com_autartitarot
    • EPSS Score: %2.20
    • Published: Mar. 02, 2010
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2013-1244

    Cross-site scripting (XSS) vulnerability in the portal module in Cisco WebEx Social allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL in the link field in a post, aka Bug ID CSCue67199.... Read more

    Affected Products : webex_social
    • EPSS Score: %0.18
    • Published: May. 16, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2014-7979

    Cross-site scripting (XSS) vulnerability in the SimpleCorp theme 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings.... Read more

    Affected Products : simplecorp
    • EPSS Score: %0.23
    • Published: Oct. 08, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2008-2761

    Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute Banner Manager XE 2.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the text parameter in (1) searchbanners.asp and (2) listadvertisers.asp, and o... Read more

    Affected Products : absolute_banner_manager
    • EPSS Score: %0.36
    • Published: Jun. 18, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 291784 Results