Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 2.6

    LOW
    CVE-2004-1922

    Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of service (memory consumption) via a small BMP file with has a ... Read more

    Affected Products : internet_explorer
    • EPSS Score: %5.10
    • Published: Apr. 11, 2004
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-2004-1907

    The Web Filtering functionality in Kerio Personal Firewall (KPF) 4.0.13 allows remote attackers to cause a denial of service (crash) by sending hex-encoded URLs containing "%13%12%13".... Read more

    Affected Products : personal_firewall
    • EPSS Score: %8.54
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-2012-5077

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown ... Read more

    Affected Products : jdk jre jre jdk
    • EPSS Score: %2.04
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025
  • 2.6

    LOW
    CVE-2015-5281

    The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) 7, when used on UEFI systems, allows local users to bypass intended Secure Boot restrictions and execute non-verified code via a crafted (1) multiboot or (2) multiboot2 module in the co... Read more

    Affected Products : enterprise_linux
    • EPSS Score: %0.06
    • Published: Nov. 24, 2015
    • Modified: Apr. 12, 2025
  • 2.6

    LOW
    CVE-2012-3383

    The map_meta_cap function in wp-includes/capabilities.php in WordPress 3.4.x before 3.4.2, when the multisite feature is enabled, does not properly assign the unfiltered_html capability, which allows remote authenticated users to bypass intended access re... Read more

    Affected Products : wordpress
    • EPSS Score: %0.15
    • Published: Jul. 22, 2012
    • Modified: Apr. 11, 2025
  • 2.6

    LOW
    CVE-2013-5315

    Cross-site scripting (XSS) vulnerability in the Resource Manager in the MEE submodule (mee.module) in the Scald module 6.x-1.x before 6.x-1.0-beta3 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via th... Read more

    Affected Products : drupal scald
    • EPSS Score: %0.73
    • Published: Aug. 19, 2013
    • Modified: Apr. 11, 2025
  • 2.6

    LOW
    CVE-2006-3365

    V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter to mail/index.php or (2) membername parameter to messenger/online.php, which displays the path in an error page due to an incorrect SQL statement.... Read more

    Affected Products : v3_chat
    • EPSS Score: %0.70
    • Published: Jul. 06, 2006
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-2006-1808

    Cross-site scripting (XSS) vulnerability in index.php in Lifetype 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the show parameter in a Template operation.... Read more

    Affected Products : lifetype
    • EPSS Score: %0.67
    • Published: Apr. 18, 2006
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-2006-3246

    Cross-site scripting (XSS) vulnerability in show.php in GL-SH Deaf Forum 6.4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the sort parameter.... Read more

    Affected Products : deaf_forum
    • EPSS Score: %0.53
    • Published: Jun. 27, 2006
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-2012-2632

    SEIL routers with firmware SEIL/x86 1.00 through 2.35, SEIL/X1 2.30 through 3.75, SEIL/X2 2.30 through 3.75, and SEIL/B1 2.30 through 3.75, when the http-proxy and application-gateway features are enabled, do not properly handle the CONNECT command, which... Read more

    Affected Products : b1_firmware b1 x1 x2 x86_firmware
    • EPSS Score: %0.18
    • Published: Jun. 15, 2012
    • Modified: Apr. 11, 2025
  • 2.6

    LOW
    CVE-1999-1263

    Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as s... Read more

    Affected Products : metamail
    • EPSS Score: %0.32
    • Published: Aug. 15, 2003
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-2006-0888

    index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation disabled, allows remote attackers to cause an unspecified denial of service by registering a large number of users.... Read more

    Affected Products : invision_power_board
    • EPSS Score: %6.56
    • Published: Feb. 25, 2006
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-1999-0797

    NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.... Read more

    Affected Products : sunos
    • EPSS Score: %0.55
    • Published: Jun. 29, 1998
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-2000-0028

    Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function.... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %21.84
    • Published: Dec. 23, 1999
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-2006-0538

    CipherTrust IronMail 5.0.1, when "Denial of Service Protection" is enabled, allows remote attackers to cause a denial of service (possibly CPU consumption) via a SYN flood with malformed TCP packets from multiple connections.... Read more

    Affected Products : ironmail
    • EPSS Score: %1.12
    • Published: Feb. 04, 2006
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-2005-0905

    Maxthon 1.2.0 allows remote malicious web sites to obtain potentially sensitive data from the search bar via the m2_search_text property.... Read more

    Affected Products : maxthon
    • EPSS Score: %7.42
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-2006-1992

    mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of code ... Read more

    Affected Products : internet_explorer
    • EPSS Score: %48.62
    • Published: Apr. 25, 2006
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-2000-0768

    A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %16.32
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-2000-0406

    Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Su... Read more

    Affected Products : communicator
    • EPSS Score: %0.74
    • Published: May. 10, 2000
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-2004-2011

    msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to cause a denial of service (crash) via a single & (ampersand) in a <Ref href> link, which triggers a parsing error, possibly due to missing portions of the URI.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %9.54
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291520 Results