Latest CVE Feed

Following is the list of latest published vulnerabilities.
  • 7.4

    HIGH
    CVE-2012-1326

    Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks...

    Affected Products : ironport_web_security_appliance
    • EPSS Score: 0.14%
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024
  • 5.9

    MEDIUM
    CVE-2012-1316

    Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks...

    Affected Products : ironport_web_security_appliance
    • EPSS Score: 0.20%
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2012-1261

    Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions before 9.0.1.19899 allows remote attackers to inject arbitrary web script or HTML via...

    • EPSS Score: 5.58%
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2012-1260

    Cross-site scripting (XSS) vulnerability in cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allows remote attackers to inject arbitrary web script or HTML via ...

    • EPSS Score: 3.92%
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2012-1259

    Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the (1) addip parameter to cgi-bi...

    • EPSS Score: 14.25%
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2012-1258

    cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allows remote attackers to add user accounts with administrator privileges via the newuser, pwd, and selectedUse...

    • EPSS Score: 4.78%
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2012-1257

    Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.

    Affected Products : pidgin
    • EPSS Score: 0.23%
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2012-1187

    Bitlbee does not drop extra group privileges correctly in unix.c...

    Affected Products : bitlbee
    • EPSS Score: 0.43%
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2012-1170

    Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough...

    Affected Products : moodle fedora
    • EPSS Score: 0.47%
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2012-1169

    Moodle before 2.2.2 has a personal information disclosure: when the administrative setting for user name display is set to first name only, full names are shown in page breadcrumbs.

    Affected Products : moodle fedora
    • EPSS Score: 0.99%
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 8.2

    HIGH
    CVE-2012-1168

    Moodle before 2.2.2 has a password and web services issue where, when the user profile is updated, the user password is reset if not specified.

    Affected Products : moodle enterprise_linux fedora
    • EPSS Score: 2.22%
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 4.3

    MEDIUM
    CVE-2012-1161

    Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results...

    Affected Products : moodle fedora
    • EPSS Score: 0.95%
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 4.0

    MEDIUM
    CVE-2012-1160

    Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php...

    Affected Products : moodle fedora
    • EPSS Score: 0.75%
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 4.3

    MEDIUM
    CVE-2012-1159

    Moodle before 2.2.2: Overview report allows users to see hidden courses...

    Affected Products : moodle fedora
    • EPSS Score: 0.95%
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 4.3

    MEDIUM
    CVE-2012-1158

    Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export...

    Affected Products : moodle fedora
    • EPSS Score: 0.95%
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 4.3

    MEDIUM
    CVE-2012-1157

    Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default...

    Affected Products : moodle fedora
    • EPSS Score: 0.58%
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2012-1156

    Moodle before 2.2.2 has users' private files included in course backups...

    Affected Products : moodle enterprise_linux fedora
    • EPSS Score: 1.23%
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2012-1155

    Moodle has a database activity export permission issue where the export function of the database activity module exports all entries, even those from groups the user does not belong to...

    • EPSS Score: 1.27%
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2012-1124

    SQL injection vulnerability in search.php in phxEventManager 2.0 beta 5 allows remote attackers to execute arbitrary SQL commands via the search_terms parameter.

    Affected Products : phxeventmanager
    • EPSS Score: 2.92%
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2012-1115

    A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.

    • EPSS Score: 0.84%
    • Published: Dec. 05, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291562 Results