Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.5

    LOW
    CVE-2015-4892

    Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 allows remote authenticated users to affect integrity via unknown vectors related to Security, a different vulnerability than CVE-2015-4917.... Read more

    Affected Products : supply_chain_products_suite
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-3385

    Cross-site scripting (XSS) vulnerability in the Taxonomy Path module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the "Link to path" field formatter.... Read more

    Affected Products : taxonomy_path
    • Published: Apr. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2010-2404

    Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote authenticated users to affect integrity via unknown vectors related to Account.... Read more

    Affected Products : e-business_suite
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2015-3357

    Cross-site scripting (XSS) vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote authenticated users with the "access wishlists" permission to inject arbitrary web script or HTML via unspecified vectors, w... Read more

    Affected Products : wishlist
    • Published: Apr. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2014-0832

    Multiple cross-site scripting (XSS) vulnerabilities in configuration-details screens in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted t... Read more

    Affected Products : financial_transaction_manager
    • Published: Feb. 01, 2014
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2010-4275

    Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager 3.8.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) name or (2) descr parameter in an (a) update_usergroup or a (b) store_nas action to ad... Read more

    Affected Products : radius_manager
    • Published: Dec. 22, 2010
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2006-6548

    Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the domain parameter to (1) scripts2/changeemail, (2) scripts2/limitbw, or (3) scripts/re... Read more

    Affected Products : webhost_manager
    • Published: Dec. 14, 2006
    • Modified: Apr. 09, 2025

  • 3.5

    LOW
    CVE-2015-7726

    Cross-site scripting (XSS) vulnerability in role deletion in the Web-based Development Workbench in SAP HANA DB 1.00.091.00.1418659308 allows remote authenticated users to inject arbitrary web script or HTML via the role name, aka SAP Security Note 215389... Read more

    Affected Products : hana
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2013-2322

    HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to obtain sensitive information via unspecified vectors, aka the "SQL/MP index" issue.... Read more

    Affected Products : nonstop_sql\/mx
    • Published: Jun. 28, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2015-7728

    Cross-site scripting (XSS) vulnerability in user creation in the Web-based Development Workbench in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to inject arbitrary web script or HTML via the username, aka SAP Security No... Read more

    Affected Products : hana
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-3372

    Cross-site scripting (XSS) vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.... Read more

    Affected Products : node_invite
    • Published: Apr. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2005-4192

    Multiple cross-site scripting (XSS) vulnerabilities in templates/notepads/notepads.inc in Horde Mnemo Note Manager H3 before 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) the notepad's name or (2) description, when ... Read more

    Affected Products : mnemo_note_manager_h3
    • Published: Dec. 13, 2005
    • Modified: Apr. 03, 2025

  • 3.5

    LOW
    CVE-2015-0416

    Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect integrity via unknown vectors related to Roles & Privileges.... Read more

    Affected Products : supply_chain_products_suite
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2012-3322

    Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.... Read more

    • Published: Feb. 20, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2014-2844

    Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure Gateway 7.5.0 before Patch 1862 allows remote authenticated administrators to inject arbitrary web script or HTML via the new parameter in the SysUser module to admin.... Read more

    Affected Products : secure_messaging_secure_gateway
    • Published: Apr. 18, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2012-5941

    Cross-site scripting (XSS) vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors.... Read more

    Affected Products : netezza
    • Published: Feb. 20, 2013
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2012-0737

    Cross-site scripting (XSS) vulnerability in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : rational_appscan
    • Published: May. 03, 2012
    • Modified: Apr. 11, 2025

  • 3.5

    LOW
    CVE-2014-2090

    Multiple cross-site scripting (XSS) vulnerabilities in ilias.php in ILIAS 4.4.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) tar, (2) tar_val, or (3) title parameter.... Read more

    Affected Products : ilias
    • Published: Mar. 02, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2014-2445

    Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect integrity via unknown vectors related to Security, a different vulnerability than CVE-2014-2467.... Read more

    Affected Products : supply_chain_products_suite
    • Published: Apr. 16, 2014
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2012-1979

    Cross-site scripting (XSS) vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the email parameter (aka Email address field) in an edit_user configuration action.... Read more

    Affected Products : syndeocms
    • Published: Apr. 17, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 293360 Results