Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2013-0180

    Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds.... Read more

    Affected Products : redis
    • EPSS Score: %0.04
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-0178

    Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm.... Read more

    Affected Products : redis
    • EPSS Score: %0.14
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-0165

    cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp.... Read more

    Affected Products : openshift
    • EPSS Score: %0.34
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-0163

    OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS... Read more

    Affected Products : openshift openshift
    • EPSS Score: %0.12
    • Published: Dec. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2013-0161

    Havalite CMS 1.1.7 has a stored XSS vulnerability... Read more

    Affected Products : havalite
    • EPSS Score: %0.30
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2013-0159

    The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg.... Read more

    Affected Products : fedora
    • EPSS Score: %0.04
    • Published: May. 01, 2018
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2012-6721

    Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) Forum, (2) Event, and (3) Classifieds plugins in SocialEngine before 4.2.4.... Read more

    Affected Products : socialengine
    • EPSS Score: %0.11
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-6720

    Multiple cross-site scripting (XSS) vulnerabilities in SocialEngine before 4.2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to music/create, (2) location parameter to events/create, or (3) search parameter to... Read more

    Affected Products : socialengine
    • EPSS Score: %0.22
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-6719

    The sharebar plugin before 1.2.2 for WordPress has SQL injection.... Read more

    Affected Products : sharebar
    • EPSS Score: %0.55
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-6718

    The sharebar plugin before 1.2.2 for WordPress has XSS, a different issue than CVE-2013-3491.... Read more

    Affected Products : sharebar
    • EPSS Score: %0.19
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-6717

    The redirection plugin before 2.2.12 for WordPress has XSS, a different issue than CVE-2011-4562.... Read more

    Affected Products : redirection
    • EPSS Score: %0.19
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-6716

    The events-manager plugin before 5.1.7 for WordPress has XSS via JSON call links.... Read more

    Affected Products : events_manager events_manager
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-6715

    The formbuilder plugin before 0.9.1 for WordPress has XSS via a Referer header.... Read more

    Affected Products : formbuilder
    • EPSS Score: %0.19
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-6714

    The count-per-day plugin before 3.2.3 for WordPress has XSS via search words.... Read more

    Affected Products : count_per_day
    • EPSS Score: %0.19
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-6713

    The job-manager plugin before 0.7.19 for WordPress has multiple XSS issues.... Read more

    Affected Products : job_manager
    • EPSS Score: %0.19
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-6712

    In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.78
    • Published: Jul. 27, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-6711

    A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print ... Read more

    Affected Products : bash enterprise_linux
    • EPSS Score: %0.11
    • Published: Jun. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-6710

    ext_find_user in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password[]= (aka an empty array) in an action=login request to index.php.... Read more

    Affected Products : extplorer
    • EPSS Score: %6.56
    • Published: Oct. 07, 2018
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2012-6709

    ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation.... Read more

    Affected Products : links elinks
    • EPSS Score: %0.20
    • Published: Feb. 23, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-6708

    jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for th... Read more

    Affected Products : jquery
    • EPSS Score: %0.88
    • Published: Jan. 18, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291641 Results