Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2012-2238

    trytond 2.4: ModelView.button fails to validate authorization... Read more

    Affected Products : trytond
    • EPSS Score: %0.35
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-2237

    Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript innerHTML as used when generating login forms, (2) ... Read more

    Affected Products : debian_linux mahara
    • EPSS Score: %6.62
    • Published: Dec. 17, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-2226

    Invision Power Board before 3.3.1 fails to sanitize user-supplied input which could allow remote attackers to obtain sensitive information or execute arbitrary code by uploading a malicious file.... Read more

    Affected Products : invision_power_board
    • EPSS Score: %13.03
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-2204

    InfoSphere Guardium aix_ktap module: DoS... Read more

    Affected Products : infosphere_guardium
    • EPSS Score: %0.06
    • Published: Feb. 10, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-2201

    IBM WebSphere MQ 7.1 is vulnerable to a denial of service, caused by an error when handling user ids. A remote attacker could exploit this vulnerability to bypass the security configuration setup on a SVRCONN channel and flood the queue manager.... Read more

    Affected Products : websphere_mq
    • EPSS Score: %0.02
    • Published: Sep. 29, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-2166

    IBM XIV Storage System 2810-A14 and 2812-A14 devices before level 10.2.4.e-2 and 2810-114 and 2812-114 devices before level 11.1.1 have hardcoded passwords for unspecified accounts, which allows remote attackers to gain user access via unknown vectors. IB... Read more

    • EPSS Score: %2.99
    • Published: Feb. 08, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-2160

    IBM Rational Change 5.3 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the SUPP_TEMPLATE_FLAG parameter in a specially-crafted URL to execute script in ... Read more

    Affected Products : rational_change
    • EPSS Score: %0.12
    • Published: Sep. 29, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-2148

    An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies... Read more

    • EPSS Score: %0.10
    • Published: Dec. 06, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-2142

    The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.... Read more

    Affected Products : enterprise_linux poppler xpdf opensuse
    • EPSS Score: %1.33
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2012-2130

    A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys.... Read more

    Affected Products : fedora debian_linux polarssl
    • EPSS Score: %0.07
    • Published: Dec. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2012-2092

    A Security Bypass vulnerability exists in Ubuntu Cobbler before 2,2,2 in the cobbler-ubuntu-import script due to an error when verifying the GPG signature.... Read more

    Affected Products : ubuntu_cobbler
    • EPSS Score: %0.09
    • Published: Dec. 06, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-2087

    ISPConfig 3.0.4.3: the "Add new Webdav user" can chmod and chown entire server from client interface.... Read more

    Affected Products : ispconfig
    • EPSS Score: %3.33
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2012-2079

    A cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal.... Read more

    Affected Products : activity
    • EPSS Score: %0.23
    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2012-2078

    Cross-site scripting (XSS) vulnerability in the Activity module 6.x-1.x for Drupal.... Read more

    Affected Products : activity
    • EPSS Score: %0.36
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-20001

    PrestaShop before 1.5.2 allows XSS via the "<object data='data:text/html" substring in the message field.... Read more

    Affected Products : prestashop
    • EPSS Score: %0.40
    • Published: Dec. 21, 2021
    • Modified: Nov. 21, 2024

  • 5.7

    MEDIUM
    CVE-2012-1994

    HP Systems Insight Manager before 7.0 allows a remote user on adjacent network to access information... Read more

    Affected Products : systems_insight_manager
    • EPSS Score: %0.54
    • Published: Feb. 10, 2020
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2012-1932

    A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to inject arbitrary web script or HTML via the setting[admin_email] parameter to admin/setting.... Read more

    Affected Products : wolf_cms
    • EPSS Score: %0.15
    • Published: Feb. 19, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-1915

    EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks.... Read more

    Affected Products : codeigniter
    • EPSS Score: %0.28
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2012-1903

    XSS in Telligent Community 5.6.583.20496 via a flash file and related to the allowScriptAccess parameter.... Read more

    Affected Products : community
    • EPSS Score: %0.21
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2012-1637

    Cross-site scripting vulnerability (XSS) in the Quick Tabs module 6.x-2.x before 6.x-2.1, 6.x-3.x before 6.x-3.1, and 7.x-3.x before 7.x-3.3 for Drupal.... Read more

    Affected Products : quick_tabs
    • EPSS Score: %0.36
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291573 Results