Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2012-0699

    Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add news via an add action to familynews.php or (2... Read more

    Affected Products : family_connections_cms
    • EPSS Score: %0.49
    • Published: Jan. 11, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-0694

    SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote attackers to execute arbitrary PHP code.... Read more

    Affected Products : sugarcrm
    • EPSS Score: %83.75
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-0433

    The install-chef-suse.sh script shipped with crowbar before 2012-10-02 is creating files containing confidential data with insecure permissions, allowing local users to read confidential data.... Read more

    Affected Products : crowbar
    • EPSS Score: %0.03
    • Published: Jun. 08, 2018
    • Modified: Nov. 21, 2024

  • 6.4

    MEDIUM
    CVE-2012-0334

    Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks... Read more

    Affected Products : ironport_web_security_appliance
    • EPSS Score: %0.06
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-0070

    spamdyke prior to 4.2.1: STARTTLS reveals plaintext... Read more

    Affected Products : spamdyke
    • EPSS Score: %0.22
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2012-0063

    Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man-in-the-middle attacks and execute arbitrary code ith the permissions of the user running tucan.... Read more

    Affected Products : tucan
    • EPSS Score: %2.43
    • Published: Feb. 21, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-0055

    OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions.... Read more

    Affected Products : linux_kernel ubuntu_linux
    • EPSS Score: %0.39
    • Published: Feb. 19, 2020
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2012-0051

    Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval.... Read more

    Affected Products : debian_linux tahoe-lafs
    • EPSS Score: %1.36
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2012-0049

    OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.... Read more

    Affected Products : fedora debian_linux openttd
    • EPSS Score: %0.62
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-0046

    mediawiki allows deleted text to be exposed... Read more

    Affected Products : mediawiki
    • EPSS Score: %0.44
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-5331

    Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval.... Read more

    Affected Products : distributed_ruby
    • EPSS Score: %1.29
    • Published: Nov. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-5330

    Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls.... Read more

    Affected Products : distributed_ruby
    • EPSS Score: %0.38
    • Published: Nov. 18, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2011-5329

    The redirection plugin before 2.2.9 for WordPress has XSS in the admin menu, a different issue than CVE-2011-4562.... Read more

    Affected Products : redirection
    • EPSS Score: %0.19
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2011-5328

    The user-access-manager plugin before 1.2 for WordPress has CSRF.... Read more

    Affected Products : user_access_manager
    • EPSS Score: %0.11
    • Published: Aug. 20, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-5327

    In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.62
    • Published: Jul. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2011-5282

    mIRC prior to 7.22 has a message leak because chopping of outbound messages is mishandled.... Read more

    Affected Products : mirc
    • EPSS Score: %0.24
    • Published: Jan. 21, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2011-5271

    Pacemaker before 1.1.6 configure script creates temporary files insecurely... Read more

    Affected Products : pacemaker
    • EPSS Score: %0.41
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-5266

    Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass.... Read more

    • EPSS Score: %0.26
    • Published: Jan. 08, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2011-5250

    Snare for Linux before 1.7.0 has CSRF in the web interface.... Read more

    Affected Products : snare
    • EPSS Score: %0.17
    • Published: Jan. 08, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2011-5247

    Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword.... Read more

    Affected Products : snare
    • EPSS Score: %0.58
    • Published: Jan. 08, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291618 Results