Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2012-4818

    IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. An attacker could exploit this vulnerability via the DataStage application to ... Read more

    Affected Products : infosphere_information_server
    • EPSS Score: %0.15
    • Published: Sep. 29, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-4767

    An issue exists in Safend Data Protector Agent 3.4.5586.9772 in the securitylayer.log file in the logs.9972 directory, which could let a malicious user decrypt and potentially change the Safend security policies applied to the machine.... Read more

    Affected Products : data_protector_agent
    • EPSS Score: %0.10
    • Published: Jan. 13, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-4761

    A Privilege Escalation vulnerability exists in the unquoted Service Binary in SDPAgent or SDBAgent in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges.... Read more

    Affected Products : data_protector_agent
    • EPSS Score: %0.07
    • Published: Jan. 13, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-4760

    A Privilege Escalation vulnerability exists in the SDBagent service in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges.... Read more

    Affected Products : data_protector_agent
    • EPSS Score: %0.07
    • Published: Jan. 13, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-4750

    A Code Execution vulnerability exists in the memcpy function when processing AMF requests in Ezhometech EzServer 7.0, which could let a remote malicious user execute arbitrary code or cause a Denial of Service... Read more

    Affected Products : ezserver
    • EPSS Score: %27.99
    • Published: Jan. 13, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-4606

    Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privile... Read more

    Affected Products : xenserver
    • EPSS Score: %0.04
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-4603

    Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver.... Read more

    Affected Products : windows receiver xenapp_online
    • EPSS Score: %5.78
    • Published: Jan. 10, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-4576

    FreeBSD: Input Validation Flaw allows local users to gain elevated privileges... Read more

    Affected Products : debian_linux freebsd
    • EPSS Score: %0.10
    • Published: Dec. 02, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-4526

    piwigo has XSS in password.php (incomplete fix for CVE-2012-4525)... Read more

    Affected Products : piwigo
    • EPSS Score: %0.43
    • Published: Dec. 02, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-4525

    piwigo has XSS in password.php... Read more

    Affected Products : piwigo
    • EPSS Score: %0.43
    • Published: Dec. 02, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-4524

    xlockmore before 5.43 'dclock' security bypass vulnerability... Read more

    Affected Products : fedora xlockmore
    • EPSS Score: %0.67
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-4519

    Zenphoto before 1.4.3.4 admin-news-articles.php date parameter XSS.... Read more

    Affected Products : zenphoto
    • EPSS Score: %0.24
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2012-4512

    The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."... Read more

    • EPSS Score: %9.04
    • Published: Feb. 08, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-4480

    mom creates world-writable pid files in /var/run... Read more

    Affected Products : fedora mom
    • EPSS Score: %0.13
    • Published: Dec. 02, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-4451

    Multiple cross-site scripting (XSS) vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) Debug, (2) Feed\PubSubHubbub, (3) Log\Formatter\Xml, (4) Tag\Cloud\Decorato... Read more

    Affected Products : enterprise_linux fedora zend_framework
    • EPSS Score: %1.78
    • Published: Jan. 03, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-4441

    Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the CI game plugin.... Read more

    Affected Products : jenkins
    • EPSS Score: %1.50
    • Published: Nov. 18, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-4440

    Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the Violations plugin.... Read more

    Affected Products : jenkins
    • EPSS Score: %1.50
    • Published: Nov. 18, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-4439

    Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins.... Read more

    Affected Products : jenkins
    • EPSS Score: %0.44
    • Published: Nov. 18, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2012-4438

    Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code.... Read more

    Affected Products : jenkins
    • EPSS Score: %1.12
    • Published: Nov. 18, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2012-4434

    fwknop before 2.0.3 allow remote authenticated users to cause a denial of service (server crash) or possibly execute arbitrary code.... Read more

    Affected Products : fwknop
    • EPSS Score: %5.49
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291737 Results