Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.6

    LOW
    CVE-2007-3820

    konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.... Read more

    Affected Products : konqueror
    • EPSS Score: %1.06
    • Published: Jul. 17, 2007
    • Modified: Apr. 09, 2025

  • 2.6

    LOW
    CVE-2012-4929

    The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext ... Read more

    Affected Products : android firefox debian_linux chrome
    • EPSS Score: %13.87
    • Published: Sep. 15, 2012
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2012-1693

    Unspecified vulnerability in Oracle SPARC Enterprise M Series Servers XCP 1110 allows remote attackers to affect availability, related to XSCF Control Package (XCP).... Read more

    • EPSS Score: %0.92
    • Published: May. 03, 2012
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2011-1068

    Microsoft Windows Azure Software Development Kit (SDK) 1.3.x before 1.3.20121.1237, when Full IIS and a Web Role are used with an ASP.NET application, does not properly support the use of cookies for maintaining state, which allows remote attackers to obt... Read more

    Affected Products : windows_azure_sdk
    • EPSS Score: %15.95
    • Published: Feb. 23, 2011
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2008-0266

    Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote attackers to change the administrative password and possibly perform other administrative tasks. NOTE: either the old password must be known, or the attacker mu... Read more

    Affected Products : eticket
    • EPSS Score: %0.40
    • Published: Jan. 15, 2008
    • Modified: Apr. 09, 2025

  • 2.6

    LOW
    CVE-2013-5315

    Cross-site scripting (XSS) vulnerability in the Resource Manager in the MEE submodule (mee.module) in the Scald module 6.x-1.x before 6.x-1.0-beta3 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via th... Read more

    Affected Products : drupal scald
    • EPSS Score: %0.73
    • Published: Aug. 19, 2013
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2013-0466

    Cross-site scripting (XSS) vulnerability in IBM WebSphere Message Broker 7.0 before 7.0.0.6 and 8.0 before 8.0.0.2, when wsdl support is enabled on a SOAPInput node, allows remote attackers to inject arbitrary web script or HTML via a wsdl request that is... Read more

    Affected Products : websphere_message_broker
    • EPSS Score: %0.27
    • Published: Feb. 20, 2013
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-1999-0793

    Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %21.09
    • Published: Nov. 17, 1999
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2012-2723

    Cross-site scripting (XSS) vulnerability in the Maestro module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with maestro admin permissions to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : drupal maestro
    • EPSS Score: %0.43
    • Published: Jun. 27, 2012
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2012-1247

    Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML by leveraging support for Cascading Style Sheets (CSS) expressions.... Read more

    Affected Products : web_mart
    • EPSS Score: %0.30
    • Published: May. 15, 2012
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2006-3563

    Cross-site scripting (XSS) vulnerability in gallery/thumb.php in Winged Gallery 1.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter.... Read more

    Affected Products : winged_gallery
    • EPSS Score: %0.42
    • Published: Jul. 13, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-1835

    Cross-site scripting (XSS) vulnerability in yearcal.php in Calendarix allows remote attackers to inject arbitrary web script or HTML via the ycyear parameter.... Read more

    Affected Products : calendarix calendarix_advanced
    • EPSS Score: %0.70
    • Published: Apr. 19, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2009-1986

    Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality via unknown vectors.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %0.52
    • Published: Jul. 14, 2009
    • Modified: Apr. 09, 2025

  • 2.6

    LOW
    CVE-1999-0396

    A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.... Read more

    Affected Products : netbsd openbsd
    • EPSS Score: %0.66
    • Published: Feb. 17, 1999
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2001-0089

    Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form" vulnerability.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %38.30
    • Published: Feb. 16, 2001
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2005-0329

    Directory traversal vulnerability in ZipGenius 5.5 and earlier allows remote attackers to create and possibly modify arbitrary files via a ZIP file with a file whose name includes .. (dot dot) sequences.... Read more

    Affected Products : zipgenius
    • EPSS Score: %0.85
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2000-0518

    Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities.... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %2.19
    • Published: Jun. 05, 2000
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2012-2362

    Cross-site scripting (XSS) vulnerability in blog/lib.php in the blog implementation in Moodle 1.9.x before 1.9.18, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via a crafted parameter to blog/index.php.... Read more

    Affected Products : moodle
    • EPSS Score: %0.28
    • Published: Jul. 21, 2012
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2004-1615

    Opera allows remote attackers to cause a denial of service (invalid memory reference and application crash) via a web page or HTML email that contains a TBODY tag with a large COL SPAN value, as demonstrated by mangleme.... Read more

    Affected Products : opera_browser
    • EPSS Score: %1.57
    • Published: Oct. 18, 2004
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-5451

    Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) file, and (3) users array variables in (a) admin.php, which are not properly handled when the admi... Read more

    Affected Products : torrentflux
    • EPSS Score: %1.10
    • Published: Oct. 23, 2006
    • Modified: Apr. 09, 2025
Showing 20 of 291717 Results