Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2018-11209

    An issue was discovered in Z-BlogPHP 2.0.0. zb_system/cmd.php?act=verify relies on MD5 for the password parameter, which might make it easier for attackers to bypass intended access restrictions via a dictionary or rainbow-table attack. NOTE: the vendor d... Read more

    Affected Products : z-blogphp
    • Published: May. 16, 2018
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2018-11208

    An issue was discovered in Z-BlogPHP 2.0.0. There is a persistent XSS that allows remote attackers to inject arbitrary web script or HTML into background web site settings via the "copyright information office" field. NOTE: the vendor indicates that the p... Read more

    Affected Products : z-blogphp
    • Published: May. 16, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2018-11207

    A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.... Read more

    Affected Products : hdf5
    • Published: May. 16, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2018-11206

    An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.... Read more

    Affected Products : hdf5
    • Published: May. 16, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2018-11205

    A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.... Read more

    Affected Products : hdf5
    • Published: May. 16, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2018-11204

    A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.... Read more

    Affected Products : hdf5
    • Published: May. 16, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2018-11203

    A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.... Read more

    Affected Products : hdf5
    • Published: May. 16, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2018-11202

    A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.... Read more

    Affected Products : hdf5
    • Published: May. 16, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2018-11200

    An issue was discovered in Mautic 2.13.1. It has Stored XSS via the company name field.... Read more

    Affected Products : mautic
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2018-11198

    An issue was discovered in Mautic 2.13.1. There is Stored XSS via the authorUrl field in config.json.... Read more

    Affected Products : mautic
    • Published: Sep. 06, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2018-11196

    Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 can be used as medium to transmit viruses by placing infected files into a Leap2A archive and uploading that to Mahara. In contrast to other ZIP files that are uploaded, ClamAV ... Read more

    Affected Products : mahara
    • Published: Jun. 01, 2018
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2018-11195

    Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to the browser "back and refresh" attack. This allows malicious users with physical access to the web browser of a Mahara user, after they have logged in, to pote... Read more

    Affected Products : mahara
    • Published: Jun. 01, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-11194

    Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 6 of 6).... Read more

    Affected Products : disk_backup
    • Published: Jun. 02, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-11193

    Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 5 of 6).... Read more

    Affected Products : disk_backup
    • Published: Jun. 02, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-11192

    Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 4 of 6).... Read more

    Affected Products : disk_backup
    • Published: Jun. 02, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-11191

    Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 3 of 6).... Read more

    Affected Products : disk_backup
    • Published: Jun. 02, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-11190

    Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 2 of 6).... Read more

    Affected Products : disk_backup
    • Published: Jun. 02, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-11189

    Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 1 of 6).... Read more

    Affected Products : disk_backup
    • Published: Jun. 02, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-11188

    Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 46 of 46).... Read more

    Affected Products : disk_backup
    • Published: Jun. 02, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-11187

    Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 45 of 46).... Read more

    Affected Products : disk_backup
    • Published: Jun. 02, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293689 Results