Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2012-5663

    The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp).... Read more

    Affected Products : textproc\/isearch
    • EPSS Score: %0.37
    • Published: Dec. 30, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-5645

    A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption... Read more

    Affected Products : fedora freeciv
    • EPSS Score: %6.12
    • Published: Dec. 30, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-5644

    libuser has information disclosure when moving user's home directory... Read more

    • EPSS Score: %0.07
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-5640

    thttpd has a local DoS vulnerability via specially-crafted .htpasswd files... Read more

    Affected Products : thttpd
    • EPSS Score: %0.08
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2012-5639

    LibreOffice and OpenOffice automatically open embedded content... Read more

    Affected Products : debian_linux libreoffice openoffice
    • EPSS Score: %0.61
    • Published: Dec. 20, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2012-5631

    ipa 3.0 does not properly check server identity before sending credential containing cookies... Read more

    Affected Products : freeipa
    • EPSS Score: %0.51
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2012-5630

    libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees.... Read more

    Affected Products : enterprise_linux fedora libuser
    • EPSS Score: %0.12
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2012-5628

    gofer before 0.68 uses world-writable permissions for /var/lib/gofer/journal/watchdog, which allows local users to cause a denial of service by removing journal entries.... Read more

    Affected Products : gofer
    • EPSS Score: %0.04
    • Published: May. 04, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-5626

    EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles spe... Read more

    • EPSS Score: %0.18
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-5623

    Squirrelmail 4.0 uses the outdated MD5 hash algorithm for passwords.... Read more

    Affected Products : change_passwd
    • EPSS Score: %0.15
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-5618

    Ushahidi before 2.6.1 has insufficient entropy for forgot-password tokens.... Read more

    Affected Products : ushahidi
    • EPSS Score: %0.30
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-5617

    gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation... Read more

    Affected Products : fedora gksu-polkit
    • EPSS Score: %0.10
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-5582

    opendnssec misuses libcurl API... Read more

    Affected Products : opendnssec
    • EPSS Score: %0.56
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 6.2

    MEDIUM
    CVE-2012-5578

    Python keyring has insecure permissions on new databases allowing world-readable files to be created... Read more

    Affected Products : keyring
    • EPSS Score: %0.05
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-5577

    Python keyring lib before 0.10 created keyring files with world-readable permissions.... Read more

    Affected Products : debian_linux keyring
    • EPSS Score: %0.33
    • Published: Oct. 28, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2012-5570

    The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the "access basic_webmail" permission to read arbitrary users' email addresses.... Read more

    Affected Products : basic_webmail
    • EPSS Score: %0.25
    • Published: Feb. 08, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2012-5562

    rhn-proxy: may transmit credentials over clear-text when accessing RHN Satellite... Read more

    Affected Products : satellite
    • EPSS Score: %0.10
    • Published: Dec. 02, 2019
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2012-5558

    Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with the "administer smiley" permission to inject arbitrary w... Read more

    Affected Products : smiley smileys
    • EPSS Score: %0.16
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-5535

    gnome-system-log polkit policy allows arbitrary files on the system to be read... Read more

    Affected Products : fedora gnome-system-log
    • EPSS Score: %0.48
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-5527

    Claws Mail vCalendar plugin: credentials exposed on interface... Read more

    Affected Products : vcalendar
    • EPSS Score: %2.71
    • Published: Nov. 25, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291737 Results