Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2011-2807

    Incorrect handling of timer information in Timer.cpp in WebKit in Google Chrome before Blink M13.... Read more

    Affected Products : chrome blink
    • EPSS Score: %0.17
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-2767

    mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HT... Read more

    • EPSS Score: %4.88
    • Published: Aug. 26, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2011-2765

    pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks.... Read more

    Affected Products : pyro
    • EPSS Score: %0.43
    • Published: Aug. 20, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2011-2726

    An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in co... Read more

    • EPSS Score: %0.50
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-2717

    The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.... Read more

    Affected Products : enterprise_linux dhcp6c
    • EPSS Score: %0.68
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-2715

    An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names.... Read more

    Affected Products : drupal data
    • EPSS Score: %0.50
    • Published: Jan. 14, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2011-2714

    A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display.... Read more

    Affected Products : drupal data
    • EPSS Score: %0.40
    • Published: Jan. 14, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2011-2706

    A Cross-Site Scripting (XSS) vulnerability exists in the reorder administrator functions in sNews 1.71.... Read more

    Affected Products : snews
    • EPSS Score: %0.23
    • Published: Jan. 14, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2011-2670

    Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets... Read more

    Affected Products : firefox
    • EPSS Score: %0.33
    • Published: Jan. 13, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2011-2669

    Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of certificates.... Read more

    Affected Products : firefox
    • EPSS Score: %0.21
    • Published: Jan. 21, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2011-2668

    Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header... Read more

    Affected Products : firefox
    • EPSS Score: %0.42
    • Published: Jan. 21, 2020
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2011-2538

    Cisco Video Communications Server (VCS) before X7.0.3 contains a command injection vulnerability which allows remote, authenticated attackers to execute arbitrary commands.... Read more

    • EPSS Score: %2.96
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-2523

    vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.... Read more

    Affected Products : debian_linux vsftpd
    • EPSS Score: %94.23
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2011-2515

    PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.... Read more

    • EPSS Score: %0.16
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2011-2499

    Mambo CMS through 4.6.5 has multiple XSS.... Read more

    Affected Products : mambo_cms
    • EPSS Score: %0.24
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2011-2498

    The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.... Read more

    Affected Products : linux_kernel ubuntu_linux
    • EPSS Score: %0.06
    • Published: Feb. 20, 2020
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2011-2487

    The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.... Read more

    • EPSS Score: %0.14
    • Published: Mar. 11, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2011-2480

    Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to cop... Read more

    Affected Products : freebsd netbsd
    • EPSS Score: %0.42
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2011-2353

    Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function.... Read more

    Affected Products : chrome blink
    • EPSS Score: %0.30
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2011-2343

    The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain contact information via an AT phonebook transfer.... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291513 Results