Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.6

    LOW
    CVE-2006-2011

    Cross-site scripting (XSS) vulnerability in member.php in 4images 1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the nickname, probably involving the user_name parameter in register.php.... Read more

    Affected Products : 4images
    • EPSS Score: %0.62
    • Published: Apr. 25, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2005-1385

    Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference.... Read more

    Affected Products : safari
    • EPSS Score: %1.13
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-1117

    nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) netHSM, (4) payShield, (5) SecureDB, (6) DSE200 Document Sealing Engine, (7) Time Source Master Clock (TSMC), and possibly other products, contains certain options that were only intende... Read more

    • EPSS Score: %0.41
    • Published: Mar. 09, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-4021

    The cryptographic module in ScatterChat 1.0.x allows attackers to identify patterns in large numbers of messages by identifying collisions using a birthday attack on the custom padding mechanism for ECB mode encryption.... Read more

    Affected Products : scatterchat
    • EPSS Score: %0.26
    • Published: Aug. 17, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2008-5893

    Cross-site scripting (XSS) vulnerability in admin_dblayers.asp in ClickAndEmail allows remote attackers to inject arbitrary web script or HTML via the tablename parameter in an update action.... Read more

    Affected Products : click\&email
    • EPSS Score: %1.35
    • Published: Jan. 12, 2009
    • Modified: Apr. 09, 2025

  • 2.6

    LOW
    CVE-2008-3574

    Multiple cross-site scripting (XSS) vulnerabilities in Pluck 4.5.2, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) lang_footer parameter to (a) data/inc/footer.php; the (2) pluck_version, (3) la... Read more

    Affected Products : pluck pluck
    • EPSS Score: %1.48
    • Published: Aug. 10, 2008
    • Modified: Apr. 09, 2025

  • 2.6

    LOW
    CVE-2012-5183

    The Loctouch application 3.4.6 and earlier for Android allows attackers to obtain sensitive information about logged locations via a crafted application that leverages read permission for system log files.... Read more

    Affected Products : loctouch
    • EPSS Score: %0.29
    • Published: Dec. 26, 2012
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2004-2476

    Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (infinite loop and crash) via an IFRAME with "?" as the file source.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %27.01
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2001-1521

    Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to inject arbitrary web script or HTML via the uname parameter.... Read more

    Affected Products : postnuke
    • EPSS Score: %0.35
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2005-0329

    Directory traversal vulnerability in ZipGenius 5.5 and earlier allows remote attackers to create and possibly modify arbitrary files via a ZIP file with a file whose name includes .. (dot dot) sequences.... Read more

    Affected Products : zipgenius
    • EPSS Score: %0.85
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2004-2219

    Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake.... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %15.09
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-0227

    Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable the LP print service via unknown attack vectors.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.07
    • Published: Jan. 17, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2012-3368

    Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by ru... Read more

    Affected Products : dtach
    • EPSS Score: %0.44
    • Published: Jul. 03, 2012
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2013-5183

    Mail in Apple Mac OS X before 10.9, when Kerberos authentication is enabled and TLS is disabled, sends invalid cleartext data, which allows remote attackers to obtain sensitive information by sniffing the network.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.44
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2012-0475

    Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLH... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %0.29
    • Published: Apr. 25, 2012
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2011-3328

    The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed PNG image containing a cHRM chunk assoc... Read more

    Affected Products : libpng
    • EPSS Score: %11.43
    • Published: Jan. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2005-0626

    Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies.... Read more

    Affected Products : squid
    • EPSS Score: %0.09
    • Published: Mar. 08, 2005
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2008-0995

    The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF file, which makes it easier for attackers to decrypt the file via brute force methods.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.58
    • Published: Mar. 18, 2008
    • Modified: Apr. 09, 2025

  • 2.6

    LOW
    CVE-2007-3474

    Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0.35 have unspecified impact and user-assisted remote attack vectors.... Read more

    Affected Products : libgd gd_graphics_library
    • EPSS Score: %5.72
    • Published: Jun. 28, 2007
    • Modified: Apr. 09, 2025

  • 2.6

    LOW
    CVE-2004-0180

    The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.... Read more

    Affected Products : cvs
    • EPSS Score: %3.95
    • Published: Jun. 01, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291750 Results