Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.6

    LOW
    CVE-2005-1576

    The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file... Read more

    Affected Products : firefox
    • EPSS Score: %0.49
    • Published: May. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2000-0518

    Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities.... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %2.19
    • Published: Jun. 05, 2000
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2005-0329

    Directory traversal vulnerability in ZipGenius 5.5 and earlier allows remote attackers to create and possibly modify arbitrary files via a ZIP file with a file whose name includes .. (dot dot) sequences.... Read more

    Affected Products : zipgenius
    • EPSS Score: %0.85
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-1999-0487

    The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %21.09
    • Published: May. 01, 1999
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2004-1615

    Opera allows remote attackers to cause a denial of service (invalid memory reference and application crash) via a web page or HTML email that contains a TBODY tag with a large COL SPAN value, as demonstrated by mangleme.... Read more

    Affected Products : opera_browser
    • EPSS Score: %1.57
    • Published: Oct. 18, 2004
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2003-0956

    Multiple race conditions in the handling of O_DIRECT in Linux kernel prior to version 2.4.22 could cause stale data to be returned from the disk when handling sparse files, or cause incorrect data to be returned when a file is truncated as it is being rea... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2001-0807

    Internet Explorer 5.0, and possibly other versions, may allow remote attackers (malicious web pages) to read known text files from a client's hard drive via a SCRIPT tag with a SRC value that points to the text file.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %9.16
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2005-2343

    Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which p... Read more

    • EPSS Score: %1.95
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-1999-0869

    Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing.... Read more

    Affected Products : internet_explorer navigator
    • EPSS Score: %13.00
    • Published: Dec. 01, 1998
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2007-4831

    Multiple cross-site scripting (XSS) vulnerabilities in account_settings.php in TorrentTrader 1.07 allow remote attackers to inject arbitrary web script or HTML via the (1) avatar and (2) title parameters.... Read more

    Affected Products : torrenttrader
    • EPSS Score: %0.33
    • Published: Sep. 12, 2007
    • Modified: Apr. 09, 2025

  • 2.6

    LOW
    CVE-2005-1793

    User32.DLL in Microsoft Windows 98SE, and possibly other operating systems, allows local and remote attackers to cause a denial of service (crash) via an icon (.ico) bitmap file with large width and height values.... Read more

    Affected Products : windows_98se
    • EPSS Score: %8.92
    • Published: Jun. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-1759

    Cross-site scripting (XSS) vulnerability in allgemein_transfer.php in SWSoft Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the jahr parameter.... Read more

    Affected Products : confixx
    • EPSS Score: %0.76
    • Published: Apr. 13, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-1815

    Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_realname and (2) newuser_icq parameters, a different vector than ... Read more

    Affected Products : tritanium_bulletin_board
    • EPSS Score: %0.42
    • Published: Apr. 18, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-1752

    Multiple cross-site scripting (XSS) vulnerabilities in the backend in MvBlog before 1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) body fields in a comment.... Read more

    Affected Products : mvblog
    • EPSS Score: %0.43
    • Published: Apr. 12, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-2332

    Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of service via a web page with a large number of IMG elements in which the SRC attribute is a mailto URI. NOTE: another researcher found that the web page caused a temporary browser slowdo... Read more

    Affected Products : firefox
    • EPSS Score: %0.80
    • Published: May. 12, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2012-5077

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown ... Read more

    Affected Products : jdk jre jre jdk
    • EPSS Score: %2.07
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2013-2061

    The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a pad... Read more

    Affected Products : openvpn opensuse openvpn_access_server
    • EPSS Score: %1.45
    • Published: Nov. 18, 2013
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2022-21929

    Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability... Read more

    Affected Products : edge_chromium
    • EPSS Score: %0.64
    • Published: Jan. 11, 2022
    • Modified: Nov. 21, 2024

  • 2.6

    LOW
    CVE-2014-6558

    Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security.... Read more

    Affected Products : jdk jre jrockit
    • EPSS Score: %2.25
    • Published: Oct. 15, 2014
    • Modified: Apr. 12, 2025

  • 2.6

    LOW
    CVE-2013-2236

    Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) ... Read more

    Affected Products : quagga
    • EPSS Score: %0.96
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291647 Results