Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.5

    LOW
    CVE-2015-4366

    Cross-site scripting (XSS) vulnerability in the Mover module 6.x-1.0 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : mover
    • Published: Jun. 15, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-2760

    Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : data_loss_prevention_endpoint
    • Published: Mar. 27, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-4078

    Cloudera Navigator 2.2.x before 2.2.4 and 2.3.x before 2.3.3 include support for SSLv3 when configured to use SSL/TLS, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (... Read more

    Affected Products : cloudera_manager navigator
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025

  • 3.5

    LOW
    CVE-2015-4370

    Cross-site scripting (XSS) vulnerability in the Site Documentation module before 6.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms.... Read more

    Affected Products : site_documentation sitedoc
    • Published: Jun. 15, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-4528

    Cross-site scripting (XSS) vulnerability in EMC Documentum CenterStage 1.2SP1 and 1.2SP2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : documentum_centerstage centerstage
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2014-8772

    Cross-site scripting (XSS) vulnerability in the search_controller in X3 CMS 0.5.1 and 0.5.1.1 allows remote authenticated users to inject arbitrary web script or HTML via the search parameter.... Read more

    Affected Products : x3_cms
    • Published: Dec. 03, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-4357

    Cross-site scripting (XSS) vulnerability in the Webform module before 6.x-3.22, 7.x-3.x before 7.x-3.22, and 7.x-4.x before 7.x-4.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node tit... Read more

    Affected Products : webform
    • Published: Jun. 15, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-3961

    The web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allows remote authenticated users to cause a denial of service (memory corruption and reboot) via a crafted URL.... Read more

    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2012-2169

    Cross-site scripting (XSS) vulnerability in the file-upload functionality in the Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 allows remote authenticated users to inject arbitrary web script or HTML via the File Description field.... Read more

    Affected Products : rational_clearquest
    • Published: Aug. 17, 2012
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2015-4373

    Cross-site scripting (XSS) vulnerability in the OG tabs module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to nodes posted in an Organic Groups group.... Read more

    Affected Products : og_tabs
    • Published: Jun. 15, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2014-8734

    The Organic Groups Menu (aka OG Menu) module before 7.x-2.2 for Drupal allows remote authenticated users with the "access administration pages" permission to change module settings via unspecified vectors.... Read more

    Affected Products : organic_groups_menu
    • Published: Nov. 12, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2017-3487

    Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust). Supported versions that are affected are 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.1.0, 12.2.0 and 12.3.0. Difficult to exploi... Read more

    Affected Products : flexcube_investor_servicing
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.5

    LOW
    CVE-2017-3603

    Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows low privil... Read more

    Affected Products : webcenter_sites
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.5

    LOW
    CVE-2017-3319

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple p... Read more

    Affected Products : mysql
    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025

  • 3.5

    LOW
    CVE-2017-3264

    Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: Open UI). The supported version that is affected is 16.1. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise S... Read more

    Affected Products : siebel_ui_framework
    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025

  • 3.5

    LOW
    CVE-2021-2045

    Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network ... Read more

    Affected Products : text
    • Published: Jan. 20, 2021
    • Modified: Nov. 21, 2024

  • 3.5

    LOW
    CVE-2017-5190

    NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when configured as a SAML 2.0 Identity Server with Virtual Attributes, has a concurrency issue causing information leakage, related to a stale profile.... Read more

    Affected Products : access_manager
    • Published: Apr. 20, 2017
    • Modified: Apr. 20, 2025

  • 3.5

    LOW
    CVE-2017-3598

    Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows low privil... Read more

    Affected Products : webcenter_sites
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.5

    LOW
    CVE-2017-3468

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access vi... Read more

    Affected Products : mysql mysql_server
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.5

    LOW
    CVE-2017-3490

    Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Limits and Collateral). Supported versions that are affected are 12.0.0 and 12.1.0. Difficult to exploit vu... Read more

    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293357 Results