Latest CVE Feed

The following is the list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last-updated date, or CVSS score.
  • 8.6

    HIGH
    CVE-2014-0144

    QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arb...

    • EPSS Score: %1.98
    • Published: Sep. 29, 2022
    • Modified: Nov. 21, 2024
  • 5.9

    MEDIUM
    CVE-2014-0104

    fence-agents before 4.0.17 does not verify remote SSL certificates in the fence_cisco_ucs.py script, which can potentially allow man-in-the-middle attackers to spoof SSL servers via arbitrary SSL certificates.

    Affected Products : fence-agents
    • EPSS Score: %0.30
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2014-0091

    Foreman has improper input validation which could lead to partial Denial of Service...

    Affected Products : foreman
    • EPSS Score: %0.51
    • Published: Dec. 11, 2019
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2014-0087

    The check_privileges method in vmdb/app/controllers/application_controller.rb in ManageIQ, as used in Red Hat CloudForms Management Engine (CFME), allows remote authenticated users to bypass authorization and gain privileges by leveraging improper RBAC ch...

    Affected Products : cloudforms_management_engine
    • EPSS Score: %0.10
    • Published: Jan. 11, 2018
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2014-0084

    Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly.

    Affected Products : openshift_origin
    • EPSS Score: %0.13
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2014-0083

    The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords.

    Affected Products : debian_linux net-ldap
    • EPSS Score: %0.07
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2014-0068

    It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log/watchman.ouput with world writable permission.

    • EPSS Score: %0.04
    • Published: Jun. 30, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2014-0048

    An issue was found in Docker before 1.6.0. Some programs and scripts in Docker are downloaded via HTTP and then executed or used in unsafe ways.

    Affected Products : docker geode
    • EPSS Score: %3.32
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2014-0026

    katello-headpin is vulnerable to CSRF in REST API...

    Affected Products : subscription_asset_manager
    • EPSS Score: %0.15
    • Published: Dec. 11, 2019
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2014-0023

    OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution...

    Affected Products : openshift
    • EPSS Score: %0.12
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2014-0021

    Chrony before 1.29.1 has traffic amplification in cmdmon protocol...

    Affected Products : fedora debian_linux chrony chrony
    • EPSS Score: %2.36
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024
  • 5.4

    MEDIUM
    CVE-2014-0014

    Ember.js 1.0.x before 1.0.1, 1.1.x before 1.1.3, 1.2.x before 1.2.1, 1.3.x before 1.3.1, and 1.4.x before 1.4.0-beta.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging an application using the "{{group}}" Helper and a cr...

    Affected Products : ember.js
    • EPSS Score: %0.29
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024
  • 5.4

    MEDIUM
    CVE-2014-0013

    Ember.js 1.0.x before 1.0.1, 1.1.x before 1.1.3, 1.2.x before 1.2.1, 1.3.x before 1.3.1, and 1.4.x before 1.4.0-beta.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging an application that contains templates whose context...

    Affected Products : ember.js
    • EPSS Score: %0.20
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2014-0011

    Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service (vncviewer crash) and possibly execute arbitrary code via v...

    Affected Products : tigervnc
    • EPSS Score: %0.55
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2013-7491

    An issue was discovered in the DBI module before 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated.

    Affected Products : dbi
    • EPSS Score: %0.38
    • Published: Sep. 11, 2020
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2013-7490

    An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.

    Affected Products : ubuntu_linux dbi
    • EPSS Score: %0.39
    • Published: Sep. 11, 2020
    • Modified: Nov. 21, 2024
  • 6.8

    MEDIUM
    CVE-2013-7489

    The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.

    Affected Products : beaker
    • EPSS Score: %0.05
    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2013-7488

    perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input.

    Affected Products : fedora
    • EPSS Score: %1.01
    • Published: Apr. 07, 2020
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2013-7487

    On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, the raysharpdvr application has a vulnerable call to “system”, which allows remote attackers to execute arbitrary code via TCP port 9000.

    • EPSS Score: %2.92
    • Published: Mar. 21, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2013-7486

    Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev27 and 7.4.x before 7.4.0-rev20 allows remote attackers to inject arbitrary web script or HTML via the body of an email. NOTE: this vulnerability w...

    Affected Products : open-xchange_appsuite
    • EPSS Score: %0.92
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291806 Results