Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.6

    LOW
    CVE-2022-3521

    A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a pa... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Oct. 16, 2022
    • Modified: Nov. 21, 2024

  • 2.6

    LOW
    CVE-2007-3622

    Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon before 9.61 allows remote attackers to cause a denial of service (crash) via malformed messages.... Read more

    Affected Products : mdaemon
    • Published: Jul. 09, 2007
    • Modified: Apr. 09, 2025

  • 2.6

    LOW
    CVE-2025-1953

    A vulnerability has been found in vLLM AIBrix 0.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file pkg/plugins/gateway/prefixcacheindexer/hash.go of the component Prefix Caching. The manipulation lead... Read more

    Affected Products :
    • Published: Mar. 04, 2025
    • Modified: Mar. 04, 2025
    • Vuln Type: Cryptography

  • 2.6

    LOW
    CVE-2006-2015

    Cross-site scripting (XSS) vulnerability in SL_site 1.0 allows remote attackers to inject arbitrary web script or HTML via the recherche parameter in recherche.php. NOTE: other XSS vectors, as reported in the original disclosure, are resultant from other... Read more

    Affected Products : sl_site
    • Published: Apr. 25, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-2765

    Cross-site scripting (XSS) vulnerability in news_information.php in Interlink Advantage allows remote attackers to inject arbitrary web script or HTML via the flag parameter.... Read more

    Affected Products : interlink_advantage
    • Published: Jun. 02, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-2366

    ircp_io.c in libopenobex for ircp 1.2, when ircp is run with the -r option, does not prompt the user when overwriting files, which allows user-assisted remote attackers to overwrite dangerous files via an arbitrary destination file name in an OBEX File Tr... Read more

    Affected Products : openobex
    • Published: May. 15, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2024-20911

    Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracl... Read more

    Affected Products : audit_vault_and_database_firewall
    • Published: Feb. 17, 2024
    • Modified: Mar. 27, 2025

  • 2.6

    LOW
    CVE-2024-1949

    A race condition in Mattermost versions 8.1.x before 8.1.9, and 9.4.x before 9.4.2 allows an authenticated attacker to gain unauthorized access to individual posts' contents via carefully timed post creation while another user deletes posts. ... Read more

    Affected Products : mattermost_server mattermost
    • Published: Feb. 29, 2024
    • Modified: Dec. 13, 2024

  • 2.6

    LOW
    CVE-2010-2852

    Cross-site scripting (XSS) vulnerability in modules/headlines/magpierss/scripts/magpie_debug.php in RunCms 2.1, when the Headlines module is enabled, allows remote attackers to inject arbitrary web script or HTML via the url parameter.... Read more

    Affected Products : runcms
    • Published: Jul. 25, 2010
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2020-25374

    CyberArk Privileged Session Manager (PSM) 10.9.0.15 allows attackers to discover internal pathnames by reading an error popup message after two hours of idle time.... Read more

    Affected Products : privileged_session_manager
    • Published: Oct. 28, 2020
    • Modified: Nov. 21, 2024

  • 2.6

    LOW
    CVE-2008-3715

    Cross-site scripting (XSS) vulnerability in inc-core-admin-editor-previouscolorsjs.php in the FlexCMS 2.5 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the PreviousColorsString parameter.... Read more

    Affected Products : flexcms
    • Published: Aug. 19, 2008
    • Modified: Apr. 09, 2025

  • 2.6

    LOW
    CVE-2010-3022

    Cross-site scripting (XSS) vulnerability in the Performance logging module in the Devel module 5.x before 5.x-1.3 and 6.x before 6.x-1.21 for Drupal allows remote authenticated users, with add url aliases and report access permissions, to inject arbitrary... Read more

    Affected Products : devel_module
    • Published: Aug. 16, 2010
    • Modified: Apr. 11, 2025

  • 2.6

    LOW
    CVE-2006-2648

    Cross-site scripting (XSS) vulnerability in perform_search.asp for ASPBB 0.52 and earlier allows remote attackers to inject arbitrary HTML or web script via the search parameter.... Read more

    Affected Products : aspbb
    • Published: May. 30, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2014-9433

    Multiple cross-site scripting (XSS) vulnerabilities in cms/front_content.php in Contenido before 4.9.6, when advanced mod rewrite (AMR) is disabled, allow remote attackers to inject arbitrary web script or HTML via the (1) idart, (2) lang, or (3) idcat pa... Read more

    Affected Products : contendio
    • Published: Dec. 31, 2014
    • Modified: Apr. 12, 2025

  • 2.6

    LOW
    CVE-2006-2545

    Multiple cross-site scripting (XSS) vulnerabilities in Xtreme Topsites 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in stats.php and (2) unspecified inputs in lostid.php, probably the searchthis parameter. NO... Read more

    Affected Products : xtreme_topsites
    • Published: May. 23, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2022-31017

    Zulip is an open-source team collaboration tool. Versions 2.1.0 through and including 5.2 are vulnerable to a logic error. A stream configured as private with protected history, where new subscribers should not be allowed to see messages sent before they ... Read more

    Affected Products : zulip zulip_server
    • Published: Jun. 25, 2022
    • Modified: Nov. 21, 2024

  • 2.6

    LOW
    CVE-2006-2406

    Directory traversal vulnerability in bb_lib/abbc.css.php in Unclassified NewsBoard (UNB) 1.5.3-d and possibly earlier versions, when register_globals is enabled, allows remote attackers to include arbitrary files via .. (dot dot) sequences and a trailing ... Read more

    Affected Products : unclassified_newsboard
    • Published: May. 16, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2020-24587

    The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments wh... Read more

    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 2.6

    LOW
    CVE-2005-0141

    Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab.... Read more

    Affected Products : firefox mozilla
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2004-0473

    Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters that begin a hostname in a telnet URI, which allows remote attackers to insert options to the resulting command line and overwrite arbitrary files via (1) the "-... Read more

    Affected Products : opera_browser
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 293621 Results