Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last-updated date, or CVSS score.
  • 9.8

    CRITICAL
    CVE-2013-2260

    Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness...

    Affected Products : cryptocat
    • EPSS Score: 0.50%
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2005-2354

    Nvu 0.99+1.0pre uses an old copy of Mozilla XPCOM which can result in multiple security issues.

    Affected Products : nvu
    • EPSS Score: 0.51%
    • Published: Nov. 05, 2019
    • Modified: Nov. 20, 2024
  • 9.8

    CRITICAL
    CVE-2011-1134

    Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager.

    Affected Products : serendipity
    • EPSS Score: 5.00%
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2011-1460

    WebKit in Google Chrome before Blink M11 contains a bad cast to RenderBlock when anonymous blocks are renderblocks.

    Affected Products : chrome blink
    • EPSS Score: 0.28%
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2019-8121

    An insecure component vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Magento 2 codebase leveraged outdated versions of JS libraries (Bootstrap, jquery, Knockout) with known security vulnerabil...

    Affected Products : magento
    • EPSS Score: 0.18%
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2019-8144

    A remote code execution vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can insert a malicious payload through PageBuilder template methods.

    Affected Products : magento
    • EPSS Score: 2.90%
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2019-8158

    An XPath entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An attacker can craft a GET request to page cache block rendering module that gets passed to XML data processing engine without validati...

    Affected Products : magento
    • EPSS Score: 0.19%
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2006-0061

    xlockmore 5.13 and 5.22 segfaults when using libpam-opensc and returns the underlying xsession. This allows unauthorized users access to the X session.

    Affected Products : xlockmore
    • EPSS Score: 0.44%
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2006-0062

    xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window.

    Affected Products : xlockmore
    • EPSS Score: 0.13%
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2006-3100

    termpkg 3.3 suffers from buffer overflow.

    Affected Products : termpkg
    • EPSS Score: 0.51%
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2007-0899

    There is a possible heap overflow in libclamav/fsg.c before 0.100.0.

    Affected Products : debian_linux clamav
    • EPSS Score: 0.45%
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2019-10505

    Out of bound access while processing a non-standard IE measurement request with length crossing past the size of frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Sn...

    • EPSS Score: 0.32%
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2019-10565

    Double free issue can happen when sensor power settings is freed by some thread while another thread try to access. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, S...

    • EPSS Score: 0.32%
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2019-12419

    Apache CXF before 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability in the access token services, where it does not validate that the authenticated principal is equa...

    • EPSS Score: 14.28%
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2010-2447

    gitolite before 1.4.1 does not filter src/ or hooks/ from path names.

    Affected Products : gitolite
    • EPSS Score: 0.51%
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2010-2476

    syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot.

    Affected Products : syscp
    • EPSS Score: 0.53%
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2007-6745

    clamav 0.91.2 suffers from a floating point exception when using ScanOLE2.

    Affected Products : debian_linux clamav
    • EPSS Score: 0.65%
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2011-2936

    Elgg through 1.7.10 has a SQL injection vulnerability...

    Affected Products : elgg
    • EPSS Score: 0.32%
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2019-18925

    Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication.

    Affected Products : iris_webforms
    • EPSS Score: 0.34%
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2019-12719

    An issue was discovered in Picture_Manage_mvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e. There is an incorrect access control vulnerability that can allow an unauthenticated user to upload files via a modified authority parameter.

    • EPSS Score: 0.63%
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291878 Results