Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

3.5

LOW

CVE-2013-5402

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management, Maximo Asset Management Essentials, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utili...

Affected Products : maximo_asset_management maximo_for_life_sciences maximo_for_nuclear_power maximo_for_oil_and_gas maximo_for_transportation maximo_for_utilities smartcloud_control_desk change_and_configuration_management_database maximo_asset_management_essentials maximo_for_government +2 more products
Published: Dec. 18, 2013

Modified: Apr. 11, 2025
3.5

LOW

CVE-2013-4753

Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.11.9 and earlier allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field in an inbox action to messaging/messagebox.php, (2) the "First name" field...

Affected Products : claroline
Published: Dec. 26, 2014

Modified: Apr. 12, 2025
3.5

LOW

CVE-2015-0506

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2015-0508....

Affected Products : mysql
Published: Apr. 16, 2015

Modified: Apr. 12, 2025
3.5

LOW

CVE-2013-4713

Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors....

Affected Products : rockdisk_firmware rockdisk
Published: Nov. 01, 2013

Modified: Apr. 11, 2025
3.5

LOW

CVE-2014-2091

Cross-site scripting (XSS) vulnerability in mods/_standard/forums/admin/forum_add.php in ATutor 2.1.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the title parameter in an add_forum action. NOTE: the original dis...

Affected Products : atutor
Published: Mar. 02, 2014

Modified: Apr. 12, 2025
3.5

LOW

CVE-2013-5390

Cross-site scripting (XSS) vulnerability in the monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors....

Affected Products : websphere_extreme_scale
Published: Oct. 16, 2013

Modified: Apr. 11, 2025
3.5

LOW

CVE-2013-2299

Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) before 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors....

Affected Products : webaccess advantech_webaccess
Published: Aug. 22, 2013

Modified: Apr. 11, 2025
3.5

LOW

CVE-2013-5317

Cross-site scripting (XSS) vulnerability in RiteCMS 1.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the mode parameter to cms/index.php....

Affected Products : ritecms
Published: Aug. 20, 2013

Modified: Apr. 11, 2025
3.5

LOW

CVE-2013-4754

Multiple cross-site scripting (XSS) vulnerabilities in Owl Intranet Knowledgebase 1.10 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field to browse.php or (2) the Title field to prefs.php....

Affected Products : intranet_knowledgebase
Published: Dec. 26, 2014

Modified: Apr. 12, 2025
3.5

LOW

CVE-2013-5326

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 12, 9.0.1 before Update 11, 9.0.2 before Update 6, and 10 before Update 12, when the CFIDE directory is available, allows remote authenticated users to inject arbitrary web scr...

Affected Products : coldfusion
Published: Nov. 13, 2013

Modified: Apr. 11, 2025
3.5

LOW

CVE-2013-1548

Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types....

Affected Products : enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation mysql enterprise_linux_eus mariadb
Published: Apr. 17, 2013

Modified: Apr. 11, 2025
3.5

LOW

CVE-2013-4003

Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3.1.1, and 8, allow remote authenticated users to inject arbitrary web script or HTML via (1) unspecified input to WebProcess.srv, (2) unspecified...

Affected Products : tririga_application_platform
Published: Aug. 29, 2013

Modified: Apr. 11, 2025
3.5

LOW

CVE-2014-1994

Cross-site scripting (XSS) vulnerability in the Notices portlet in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors....

Affected Products : garoon
Published: Jul. 20, 2014

Modified: Apr. 12, 2025
3.5

LOW

CVE-2013-5452

IBM FileNet Business Process Framework 4.1.0 allows remote authenticated users to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an X...

Affected Products : filenet_business_process_framework
Published: Dec. 19, 2013

Modified: Apr. 11, 2025
3.5

LOW

CVE-2014-8987

Cross-site scripting (XSS) vulnerability in the "set configuration" box in the Configuration Report page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.17 allows remote administrators to inject arbitrary web script or HTML via the config_option pa...

Affected Products : mantisbt
Published: Aug. 24, 2015

Modified: Apr. 12, 2025
3.5

LOW

CVE-2013-3812

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication....

Affected Products : ubuntu_linux debian_linux mysql mariadb opensuse solaris linux_enterprise_server linux_enterprise_desktop linux_enterprise_software_development_kit
Published: Jul. 17, 2013

Modified: Apr. 11, 2025
3.5

LOW

CVE-2013-4004

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 8.0 before 8.0.0.7 and 8.5 before 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors....

Affected Products : websphere_application_server
Published: Aug. 21, 2013

Modified: Apr. 11, 2025
3.5

LOW

CVE-2013-5002

Cross-site scripting (XSS) vulnerability in libraries/schema/Export_Relation_Schema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumber val...

Affected Products : phpmyadmin
Published: Jul. 31, 2013

Modified: Apr. 11, 2025
3.5

LOW

CVE-2013-4819

Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through 10.0 allows remote authenticated users to obtain sensitive information via unknown vectors....

Affected Products : icewall_sso_agent_option
Published: Sep. 23, 2013

Modified: Apr. 11, 2025
3.5

LOW

CVE-2013-4628

The firewall module on the Huawei Quidway Service Process Unit (SPU) board S7700, S9300, and S9700 on Huawei Campus Switch devices allows remote authenticated users to obtain sensitive information from the high-priority security zone by leveraging access ...

Affected Products : quidway_service_process_unit_board_s7700 quidway_service_process_unit_board_s9300 quidway_service_process_unit_board_s9700
Published: Jun. 20, 2013

Modified: Apr. 11, 2025

Showing 20 of 292874 Results

Browse by Apps

Latest CVE Feed

3.5

3.5

3.5

3.5

3.5

3.5

3.5

3.5

3.5

3.5

3.5

3.5

3.5

3.5

3.5

3.5

3.5

3.5

3.5

3.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable