Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.5

    LOW
    CVE-2015-3443

    Cross-site scripting (XSS) vulnerability in the basic dashboard in Thycotic Secret Server 8.6.x, 8.7.x, and 8.8.x before 8.8.000005 allows remote authenticated users to inject arbitrary web script or HTML via a password entry, which is not properly handle... Read more

    Affected Products : secret_server
    • Published: Jul. 02, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-4771

    Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.... Read more

    Affected Products : ubuntu_linux mysql
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2023-33229

    The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject passive HTML. ... Read more

    Affected Products : solarwinds_platform
    • Published: Jul. 26, 2023
    • Modified: Nov. 21, 2024

  • 3.5

    LOW
    CVE-2015-4540

    Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Identity Management & Governance (IMG) before 6.8.1 P18 and 6.9.x before 6.9.1 P6 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    • Published: Sep. 26, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-4541

    Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.5.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : rsa_archer_grc
    • Published: Sep. 26, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-3360

    Cross-site scripting (XSS) vulnerability in the Term Merge module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : term_merge
    • Published: Apr. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2013-4460

    Cross-site scripting (XSS) vulnerability in account_sponsor_page.php in MantisBT 1.0.0 through 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via a project name.... Read more

    Affected Products : mantisbt
    • Published: Jan. 10, 2014
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2013-0553

    The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as used in Sametime Connect client, Sametime Advanced Connect client, Sametime Advanced Web client, and other products, allows remote authenticated users to send commands to individual chat ... Read more

    • Published: Apr. 28, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2013-6320

    Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated ... Read more

    Affected Products : algo_one
    • Published: Mar. 05, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2013-0585

    Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to the (1) web console and (2) r... Read more

    Affected Products : infosphere_information_server
    • Published: Aug. 16, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2013-6310

    Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : marketing_platform
    • Published: Jun. 28, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2013-5793

    Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5786.... Read more

    Affected Products : mysql
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2013-6301

    Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated ... Read more

    Affected Products : algo_one
    • Published: Mar. 05, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2013-6314

    Cross-site scripting (XSS) vulnerability in IBM InfoSphere Enterprise Records 4.5.1 before 4.5.1.7-IER-IF001 and Enterprise Records 5.1.1 before 5.1.1.1-IER-IF003 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vec... Read more

    • Published: Mar. 06, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2013-6300

    Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated ... Read more

    Affected Products : algo_one
    • Published: Mar. 05, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2012-2165

    IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3, when ClearQuest Authentication is enabled, allows remote authenticated users to read password hashes via a user query.... Read more

    Affected Products : rational_clearquest
    • Published: Aug. 17, 2012
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2013-4003

    Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3.1.1, and 8, allow remote authenticated users to inject arbitrary web script or HTML via (1) unspecified input to WebProcess.srv, (2) unspecified... Read more

    Affected Products : tririga_application_platform
    • Published: Aug. 29, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2013-5698

    Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite and Server before 6.22.0 rev16, 6.22.1 before rev19, 7.0.1 before rev7, 7.0.2 before rev11, and 7.2.0 before rev8 allows remote authenticated users to inject arbitrary web script or HTML vi... Read more

    • Published: Sep. 05, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2013-6729

    Cross-site scripting (XSS) vulnerability in IBM QuickFile 1.0.0.0 before iFix 4 and 1.1.0.1 before iFix 3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.... Read more

    Affected Products : quickfile
    • Published: Mar. 21, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2013-0457

    Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to a uisessio... Read more

    • Published: Feb. 20, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 292871 Results