Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2012-5623

    Squirrelmail 4.0 uses the outdated MD5 hash algorithm for passwords.... Read more

    Affected Products : change_passwd
    • EPSS Score: %0.15
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-5618

    Ushahidi before 2.6.1 has insufficient entropy for forgot-password tokens.... Read more

    Affected Products : ushahidi
    • EPSS Score: %0.30
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-5617

    gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation... Read more

    Affected Products : fedora gksu-polkit
    • EPSS Score: %0.10
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-5582

    opendnssec misuses libcurl API... Read more

    Affected Products : opendnssec
    • EPSS Score: %0.56
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 6.2

    MEDIUM
    CVE-2012-5578

    Python keyring has insecure permissions on new databases allowing world-readable files to be created... Read more

    Affected Products : keyring
    • EPSS Score: %0.05
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-5577

    Python keyring lib before 0.10 created keyring files with world-readable permissions.... Read more

    Affected Products : debian_linux keyring
    • EPSS Score: %0.33
    • Published: Oct. 28, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2012-5570

    The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the "access basic_webmail" permission to read arbitrary users' email addresses.... Read more

    Affected Products : basic_webmail
    • EPSS Score: %0.25
    • Published: Feb. 08, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2012-5562

    rhn-proxy: may transmit credentials over clear-text when accessing RHN Satellite... Read more

    Affected Products : satellite
    • EPSS Score: %0.10
    • Published: Dec. 02, 2019
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2012-5558

    Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with the "administer smiley" permission to inject arbitrary w... Read more

    Affected Products : smiley smileys
    • EPSS Score: %0.16
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-5535

    gnome-system-log polkit policy allows arbitrary files on the system to be read... Read more

    Affected Products : fedora gnome-system-log
    • EPSS Score: %0.48
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-5527

    Claws Mail vCalendar plugin: credentials exposed on interface... Read more

    Affected Products : vcalendar
    • EPSS Score: %2.71
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2012-5521

    quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal... Read more

    Affected Products : enterprise_linux debian_linux quagga
    • EPSS Score: %0.33
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-5518

    vdsm: certificate generation upon node creation allowing vdsm to start and serve requests from anyone who has a matching key (and certificate)... Read more

    Affected Products : vdsm
    • EPSS Score: %0.22
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-5476

    Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value.... Read more

    Affected Products : debian_linux horizon
    • EPSS Score: %0.15
    • Published: Dec. 30, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-5474

    The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value.... Read more

    Affected Products : fedora debian_linux openstack horizon
    • EPSS Score: %0.07
    • Published: Dec. 30, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-5389

    NULL Pointer Dereference in PowerTCP WebServer for ActiveX 1.9.2 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted HTTP request.... Read more

    Affected Products : powertcp_webserver_for_activex
    • EPSS Score: %4.74
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-5366

    The IPv6 implementation in Apple Mac OS X (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.94
    • Published: Feb. 20, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-5365

    The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.... Read more

    Affected Products : freebsd netbsd
    • EPSS Score: %0.94
    • Published: Feb. 20, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-5364

    The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.... Read more

    • EPSS Score: %21.58
    • Published: Feb. 20, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-5363

    The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393.... Read more

    Affected Products : freebsd netbsd
    • EPSS Score: %0.94
    • Published: Feb. 20, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291728 Results