Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2010-4177

    mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the password of a user connected to the MySQL server in clear text form via the list of running processes.... Read more

    Affected Products : fedora mysql-gui-tools
    • EPSS Score: %0.07
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2010-3917

    Google Chrome before 3.0 does not properly handle XML documents, which allows remote attackers to obtain sensitive information via a crafted web site.... Read more

    Affected Products : chrome
    • EPSS Score: %0.47
    • Published: Feb. 06, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-3857

    JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID parameter.... Read more

    • EPSS Score: %0.49
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2010-3844

    An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.... Read more

    Affected Products : debian_linux ettercap
    • EPSS Score: %0.53
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2010-3843

    The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a malic... Read more

    Affected Products : ettercap
    • EPSS Score: %0.05
    • Published: May. 28, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2010-3782

    obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api implementation.... Read more

    Affected Products : linux_enterprise_server obs-server
    • EPSS Score: %0.29
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-3674

    TYPO3 before 4.4.1 allows XSS in the frontend search box.... Read more

    Affected Products : debian_linux typo3
    • EPSS Score: %0.54
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2010-3673

    TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows information disclosure in the mail header of the HTML mailing API.... Read more

    Affected Products : typo3
    • EPSS Score: %0.46
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-3672

    TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase extension.... Read more

    Affected Products : typo3
    • EPSS Score: %0.45
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2010-3671

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 is open to a session fixation attack which allows remote attackers to hijack a victim's session.... Read more

    Affected Products : typo3
    • EPSS Score: %0.90
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2010-3670

    TYPO3 before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness during generation of a hash with the "forgot password" function.... Read more

    Affected Products : typo3
    • EPSS Score: %0.13
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2010-3669

    TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS and Open Redirection in the frontend login box.... Read more

    Affected Products : typo3
    • EPSS Score: %0.24
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2010-3668

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Header Injection in the secure download feature jumpurl.... Read more

    Affected Products : typo3
    • EPSS Score: %0.43
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2010-3667

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element.... Read more

    Affected Products : typo3
    • EPSS Score: %0.32
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2010-3666

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness in the uniqid function.... Read more

    Affected Products : typo3
    • EPSS Score: %0.32
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2010-3665

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the Extension Manager.... Read more

    Affected Products : typo3
    • EPSS Score: %0.43
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2010-3664

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Information Disclosure on the backend.... Read more

    Affected Products : typo3
    • EPSS Score: %0.43
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2010-3663

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend.... Read more

    Affected Products : typo3
    • EPSS Score: %3.15
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2010-3662

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows SQL Injection on the backend.... Read more

    Affected Products : typo3
    • EPSS Score: %0.70
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-3661

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Open Redirection on the backend.... Read more

    Affected Products : typo3
    • EPSS Score: %0.27
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291400 Results