Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2012-1001

    Multiple cross-site scripting (XSS) vulnerabilities in Chyrp before 2.1.2 and before 2.5 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the (1) content parameter to includes/ajax.php or (2) body parameter to includes/error.php.... Read more

    Affected Products : chyrp
    • EPSS Score: %19.24
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2012-10017

    A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.04 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. U... Read more

    Affected Products : portfolio
    • EPSS Score: %0.08
    • Published: Dec. 26, 2023
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-10016

    A vulnerability classified as problematic has been found in Halulu simple-download-button-shortcode Plugin 1.0 on WordPress. Affected is an unknown function of the file simple-download-button_dl.php of the component Download Handler. The manipulation of t... Read more

    Affected Products : simple-download-button-shortcode
    • EPSS Score: %0.31
    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2012-10015

    A vulnerability was found in BestWebSoft Twitter Plugin up to 2.14 on WordPress. It has been classified as problematic. Affected is the function twttr_settings_page of the file twitter.php of the component Settings Page. The manipulation leads to cross-si... Read more

    Affected Products : twitter
    • EPSS Score: %0.07
    • Published: May. 31, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-10014

    A vulnerability classified as problematic has been found in Kau-Boy Backend Localization Plugin 2.0 on WordPress. Affected is the function backend_localization_admin_settings/backend_localization_save_setting/backend_localization_login_form/localize_backe... Read more

    Affected Products : backend_localization
    • EPSS Score: %0.08
    • Published: Apr. 24, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-10013

    A vulnerability was found in Kau-Boy Backend Localization Plugin up to 1.6.1 on WordPress. It has been rated as problematic. This issue affects some unknown processing of the file backend_localization.php. The manipulation leads to cross site scripting. T... Read more

    Affected Products : backend_localization
    • EPSS Score: %0.08
    • Published: Apr. 24, 2023
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2012-10012

    A vulnerability has been found in BestWebSoft Facebook Like Button up to 2.13 and classified as problematic. Affected by this vulnerability is the function fcbk_bttn_plgn_settings_page of the file facebook-button-plugin.php. The manipulation leads to cros... Read more

    Affected Products : facebook_button
    • EPSS Score: %0.06
    • Published: Apr. 10, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-10011

    A vulnerability was found in HD FLV PLayer Plugin up to 1.7 on WordPress. It has been rated as critical. Affected by this issue is the function hd_add_media/hd_update_media of the file functions.php. The manipulation of the argument name leads to sql inje... Read more

    Affected Products : hd_flv_player
    • EPSS Score: %0.10
    • Published: Apr. 09, 2023
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2012-10010

    A vulnerability was found in BestWebSoft Contact Form 3.21. It has been classified as problematic. This affects the function cntctfrm_settings_page of the file contact_form.php. The manipulation leads to cross-site request forgery. It is possible to initi... Read more

    Affected Products : contact_form
    • EPSS Score: %0.05
    • Published: Apr. 09, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-10009

    A vulnerability was found in 404like Plugin up to 1.0.2 on WordPress. It has been classified as critical. Affected is the function checkPage of the file 404Like.php. The manipulation of the argument searchWord leads to sql injection. It is possible to lau... Read more

    Affected Products : 404like
    • EPSS Score: %0.10
    • Published: Mar. 21, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-10008

    A vulnerability, which was classified as critical, has been found in uakfdotb oneapp. This issue affects some unknown processing. The manipulation leads to sql injection. The attack may be initiated remotely. This product does not use versioning. This is ... Read more

    Affected Products : oneapp
    • EPSS Score: %0.04
    • Published: Feb. 20, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-10007

    A vulnerability was found in madgicweb BuddyStream Plugin up to 3.2.7 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file ShareBox.php. The manipulation of the argument content/link/sha... Read more

    Affected Products : buddystream
    • EPSS Score: %0.08
    • Published: Feb. 19, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-10006

    A vulnerability classified as critical has been found in ale7714 sigeprosi. This affects an unknown part. The manipulation leads to sql injection. The identifier of the patch is 5291886f6c992316407c376145d331169c55f25b. It is recommended to apply a patch ... Read more

    Affected Products : sigeprosi
    • EPSS Score: %0.04
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-10005

    A vulnerability has been found in manikandan170890 php-form-builder-class and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PFBC/Element/Textarea.php of the component Textarea Handler. The manipulation o... Read more

    Affected Products : php-form-builder-class
    • EPSS Score: %0.06
    • Published: Jan. 12, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-10004

    A vulnerability was found in backdrop-contrib Basic Cart on Drupal. It has been classified as problematic. Affected is the function basic_cart_checkout_form_submit of the file basic_cart.cart.inc. The manipulation leads to cross site scripting. It is poss... Read more

    Affected Products : basic_cart
    • EPSS Score: %0.06
    • Published: Jan. 11, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-10003

    A vulnerability, which was classified as problematic, has been found in ahmyi RivetTracker. This issue affects some unknown processing. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. The attack may be initiated remote... Read more

    Affected Products : rivettracker
    • EPSS Score: %0.06
    • Published: Jan. 03, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-10002

    A vulnerability was found in ahmyi RivetTracker. It has been declared as problematic. Affected by this vulnerability is the function changeColor of the file css.php. The manipulation of the argument set_css leads to cross site scripting. The attack can be... Read more

    Affected Products : rivettracker
    • EPSS Score: %0.06
    • Published: Jan. 03, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-10001

    The Limit Login Attempts plugin before 1.7.1 for WordPress does not clear auth cookies upon a lockout, which might make it easier for remote attackers to conduct brute-force authentication attempts.... Read more

    Affected Products : limit_login_attempts
    • EPSS Score: %0.77
    • Published: Jan. 06, 2021
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2012-0955

    software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a ... Read more

    Affected Products : software-properties
    • EPSS Score: %0.12
    • Published: Dec. 02, 2020
    • Modified: Nov. 21, 2024

  • 5.0

    MEDIUM
    CVE-2012-0953

    A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53.... Read more

    Affected Products : display_driver
    • EPSS Score: %0.04
    • Published: May. 08, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291573 Results