Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2015-10081

    A vulnerability was found in arnoldle submitByMailPlugin 1.0b2.9 and classified as problematic. This issue affects some unknown processing of the file edit_list.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotel... Read more

    Affected Products : submitbymailplugin
    • EPSS Score: %0.05
    • Published: Feb. 20, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-10080

    A vulnerability was found in NREL api-umbrella-web 0.7.1. It has been classified as problematic. This affects an unknown part of the component Admin Data Table Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack ... Read more

    Affected Products : api_umbrella
    • EPSS Score: %0.06
    • Published: Feb. 20, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-10079

    A vulnerability was found in juju2143 WalrusIRC 0.0.2. It has been rated as problematic. This issue affects the function parseLinks of the file public/parser.js. The manipulation of the argument text leads to cross site scripting. The attack may be initia... Read more

    Affected Products : walrusirc
    • EPSS Score: %0.06
    • Published: Feb. 13, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-10078

    A vulnerability, which was classified as problematic, has been found in atwellpub Resend Welcome Email Plugin 1.0.1 on WordPress. This issue affects the function send_welcome_email_url of the file resend-welcome-email.php. The manipulation leads to cross ... Read more

    Affected Products : resend_welcome_email
    • EPSS Score: %0.10
    • Published: Feb. 12, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10077

    A vulnerability was found in webbuilders-group silverstripe-kapost-bridge 0.3.3. It has been declared as critical. Affected by this vulnerability is the function index/getPreview of the file code/control/KapostService.php. The manipulation leads to sql in... Read more

    Affected Products : silverstripe-kapost-bridge
    • EPSS Score: %0.04
    • Published: Feb. 10, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10076

    A vulnerability was found in dimtion Shaarlier up to 1.2.2. It has been declared as critical. Affected by this vulnerability is the function createTag of the file app/src/main/java/com/dimtion/shaarlier/TagsSource.java of the component Tag Handler. The ma... Read more

    Affected Products : shaarlier
    • EPSS Score: %0.04
    • Published: Feb. 09, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-10075

    A vulnerability was found in Custom-Content-Width 1.0. It has been declared as problematic. Affected by this vulnerability is the function override_content_width/register_settings of the file custom-content-width.php. The manipulation leads to cross site ... Read more

    Affected Products : custom-content-width
    • EPSS Score: %0.17
    • Published: Feb. 07, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-10074

    A vulnerability was found in OpenSeaMap online_chart 1.2. It has been classified as problematic. Affected is the function init of the file index.php. The manipulation of the argument mtext leads to cross site scripting. It is possible to launch the attack... Read more

    Affected Products : online_chart
    • EPSS Score: %0.06
    • Published: Feb. 07, 2023
    • Modified: Nov. 21, 2024

  • 9.6

    CRITICAL
    CVE-2015-10073

    A vulnerability, which was classified as problematic, was found in tinymighty WikiSEO 1.2.1 on MediaWiki. This affects the function modifyHTML of the file WikiSEO.body.php of the component Meta Property Tag Handler. The manipulation of the argument conten... Read more

    Affected Products : wikiseo
    • EPSS Score: %0.14
    • Published: Feb. 06, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-10072

    A vulnerability classified as problematic was found in NREL api-umbrella-web 0.7.1. This vulnerability affects unknown code of the component Flash Message Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgra... Read more

    Affected Products : api_umbrella_web api_umbrella
    • EPSS Score: %0.07
    • Published: Feb. 04, 2023
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2015-10071

    A vulnerability was found in gitter-badger ezpublish-modern-legacy. It has been rated as problematic. This issue affects some unknown processing of the file kernel/user/forgotpassword.php. The manipulation leads to weak password recovery. The complexity o... Read more

    Affected Products : ez_publish_modern_legacy
    • EPSS Score: %0.07
    • Published: Jan. 19, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10070

    A vulnerability was found in copperwall Twiddit. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation leads to sql injection. The identifier of the patch is 2203d4ce9810bdaccece5c48ff4888658a01a... Read more

    Affected Products : twiddit
    • EPSS Score: %0.04
    • Published: Jan. 19, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10069

    A vulnerability was found in viakondratiuk cash-machine. It has been declared as critical. This vulnerability affects the function is_card_pin_at_session/update_failed_attempts of the file machine.py. The manipulation leads to sql injection. The name of t... Read more

    Affected Products : cash-machine
    • EPSS Score: %0.04
    • Published: Jan. 19, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10068

    A vulnerability classified as critical was found in danynab movify-j. This vulnerability affects the function getByMovieId of the file app/business/impl/ReviewServiceImpl.java. The manipulation of the argument movieId/username leads to sql injection. The ... Read more

    Affected Products : movify-j
    • EPSS Score: %0.04
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2015-10067

    A vulnerability was found in oznetmaster SSharpSmartThreadPool. It has been classified as problematic. This affects an unknown part of the file SSharpSmartThreadPool/SmartThreadPool.cs. The manipulation leads to race condition within a thread. The complex... Read more

    Affected Products : ssharpsmartthreadpool
    • EPSS Score: %0.06
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10066

    A vulnerability was found in tynx wuersch and classified as critical. Affected by this issue is the function packValue/getByCustomQuery of the file backend/base/Store.class.php. The manipulation leads to sql injection. The patch is identified as 66d471875... Read more

    Affected Products : wuersch
    • EPSS Score: %0.05
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10065

    A vulnerability classified as critical was found in AenBleidd FiND. This vulnerability affects the function init_result of the file validator/my_validator.cpp. The manipulation leads to buffer overflow. The patch is identified as ee2eef34a83644f286c9adcaf... Read more

    Affected Products : find
    • EPSS Score: %0.10
    • Published: Jan. 17, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10064

    A vulnerability was found in VictorFerraresi pokemon-database-php. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The patch is named dd0e1e6cdf648d6a3deff441f515bcb1d7... Read more

    Affected Products : pokemon-database-php
    • EPSS Score: %0.05
    • Published: Jan. 17, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10063

    A vulnerability was found in saemorris TheRadSystem and classified as critical. This issue affects the function redirect of the file _login.php. The manipulation of the argument user/pass leads to sql injection. The attack may be initiated remotely. The i... Read more

    Affected Products : theradsystem
    • EPSS Score: %0.05
    • Published: Jan. 17, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10062

    A vulnerability, which was classified as problematic, was found in galaxy-data-resource up to 14.10.0. This affects an unknown part of the component Command Line Template. The manipulation leads to injection. Upgrading to version 14.10.1 is able to addres... Read more

    Affected Products : galaxy
    • EPSS Score: %0.08
    • Published: Jan. 17, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 292275 Results