Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-1999-1218

    Vulnerability in finger in Commodore Amiga UNIX 2.1p2a and earlier allows local users to read arbitrary files.... Read more

    Affected Products : amiga_unix
    • EPSS Score: %0.16
    • Published: Feb. 18, 1993
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1294

    Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore permissions, which are inherited by programs such as File Manager that are started from the Shortcut Bar, which could allow local users to read folders for which they do not have permiss... Read more

    Affected Products : windows_nt
    • EPSS Score: %0.64
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-5488

    Cross-site scripting (XSS) vulnerability in the MailChimp Signup submodule in the MailChimp module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "administer mailchimp" permission to inject arbitrary web script or HTML via un... Read more

    Affected Products : mailchimp
    • EPSS Score: %0.21
    • Published: Aug. 18, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2013-1780

    Cross-site scripting (XSS) vulnerability in the Best Responsive Theme 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via vectors related to social icons.... Read more

    Affected Products : drupal best_responsive
    • EPSS Score: %0.35
    • Published: Mar. 27, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-0941

    EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key... Read more

    • EPSS Score: %0.07
    • Published: May. 22, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-6363

    IBM Tivoli Netcool Security Manager 1.3.0 before Interim Fix 1, when using Active Directory (AD) LDAP authentication, allows remote attackers to obtain login access via unspecified vectors without entering a password.... Read more

    Affected Products : tivoli_netcool_security_manager
    • EPSS Score: %0.17
    • Published: Dec. 15, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-0441

    IBM Tivoli Business Service Manager (TBSM) 4.1.1 stores passwords in cleartext (1) after external authentication, which triggers writing the password to SM_server.log; and (2) after a reconfig action; which allows local users to obtain sensitive informati... Read more

    Affected Products : tivoli_business_service_manager
    • EPSS Score: %0.06
    • Published: Jan. 25, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2000-0928

    WQuinn QuotaAdvisor 4.1 allows users to list directories and files by running a report on the targeted shares.... Read more

    Affected Products : diskadvisor
    • EPSS Score: %0.11
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-2300

    Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal allow remote authenticated users with the administer product classes permission to inject arbitrary web script or HTML ... Read more

    Affected Products : drupal ubercart
    • EPSS Score: %0.47
    • Published: Aug. 14, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-6953

    The virtual keyboard implementation in GlobeTrotter Mobility Manager changes the color of a key as it is pressed, which allows local users to capture arbitrary keystrokes, such as for passwords, by shoulder surfing or grabbing periodic screenshots.... Read more

    Affected Products : mobility_manager
    • EPSS Score: %0.07
    • Published: Jan. 29, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2003-0878

    slpd daemon in Mac OS X before 10.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2003-0875.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.11
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0144

    Denial of service in Qmail by specifying a large number of recipients with the RCPT command.... Read more

    Affected Products : qmail
    • EPSS Score: %1.99
    • Published: Jun. 01, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2025-43753

    A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.32 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through ... Read more

    Affected Products : liferay_portal dxp
    • Published: Aug. 21, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Cross-Site Scripting

  • 2.1

    LOW
    CVE-2011-2208

    Integer signedness error in the osf_getdomainname function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.13
    • Published: Jun. 13, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2009-0682

    vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before 9.0.0.184 in Internet Security Suite r4, and vetmonnt.sys before 10.0.0.217 in Internet Security Suite r5 do not properly verify IOCTL calls, which allows local users to cause a denial of ... Read more

    Affected Products : internet_security_suite
    • EPSS Score: %0.06
    • Published: Aug. 19, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2014-8518

    The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encryption for Removable Media or EERM) in McAfee File and Removable Media Protection (FRP) 4.3.0.x, and Endpoint Encryption for Files and Folders (EEFF) 3.2.x... Read more

    • EPSS Score: %0.03
    • Published: Oct. 29, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2007-5790

    The Globe7 soft phone client 7.3 uses weak cryptography (reversed sequence of binary values) for the password, which might allow local users to obtain sensitive information.... Read more

    Affected Products : globe7
    • EPSS Score: %0.07
    • Published: Nov. 01, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2012-2075

    Cross-site scripting (XSS) vulnerability in the Contact Save module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the access site-wide contact form permission to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : drupal contact_save
    • EPSS Score: %0.34
    • Published: Aug. 14, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-4218

    The InitMethodAndPassword function in InfraStack/OSAgnostic/WiMax/Agents/Supplicant/Source/SupplicantAgent.c in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses the same RSA private key in supplicant_key.... Read more

    Affected Products : wimax_network_service
    • EPSS Score: %0.06
    • Published: Aug. 25, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-6744

    Flexera Macrovision InstallShield before 2008 sends a digital-signature password to an unintended application during certain signature operations involving .spc and .pvk files, which might allow local users to obtain sensitive information via unspecified ... Read more

    Affected Products : installshield
    • EPSS Score: %0.06
    • Published: Jan. 19, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 291617 Results