Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2011-2337

    A wrong type is used for a return value from strlen in WebKit in Google Chrome before Blink M12 on 64-bit platforms.... Read more

    Affected Products : blink
    • EPSS Score: %0.29
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2011-2336

    An issue exists in WebKit in Google Chrome before Blink M12. when clearing lists in AnimationControllerPrivate that signal when a hardware animation starts.... Read more

    Affected Products : chrome blink
    • EPSS Score: %0.30
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2011-2335

    A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function.... Read more

    Affected Products : chrome blink
    • EPSS Score: %0.17
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2011-2334

    Use after free vulnerability exists in WebKit in Google Chrome before Blink M12 in RenderLayerwhen removing elements with reflections.... Read more

    Affected Products : chrome blink
    • EPSS Score: %0.17
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2011-2207

    dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate.... Read more

    Affected Products : enterprise_linux debian_linux gnupg
    • EPSS Score: %1.44
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-2195

    A flaw was found in WebSVN 2.3.2. Without prior authentication, if the 'allowDownload' option is enabled in config.php, an attacker can invoke the dl.php script and pass a well formed 'path' argument to execute arbitrary commands against the underlying op... Read more

    Affected Products : websvn
    • EPSS Score: %3.42
    • Published: Oct. 26, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2011-2187

    xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank Only Mode and when DPMS is disabled, which allows local attackers to access resources without authentication.... Read more

    Affected Products : debian_linux xscreensaver
    • EPSS Score: %0.09
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2011-2177

    OpenOffice.org v3.3 allows execution of arbitrary code with the privileges of the user running the OpenOffice.org suite tools.... Read more

    Affected Products : openoffice
    • EPSS Score: %2.37
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2011-2054

    A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is left blank, providing the primary credentials are corre... Read more

    • EPSS Score: %0.17
    • Published: Feb. 19, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-1939

    SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when using non-ASCII-compatible encodings in conjunction PDO_MySql in PHP before 5.3.6.... Read more

    Affected Products : debian_linux php zend_framework
    • EPSS Score: %15.45
    • Published: Nov. 26, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2011-1934

    lilo-uuid-diskid causes lilo.conf to be world-readable in lilo 23.1.... Read more

    Affected Products : debian_linux lilo
    • EPSS Score: %0.30
    • Published: Nov. 26, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-1933

    SQL injection vulnerability in Jifty::DBI before 0.68.... Read more

    Affected Products : \
    • EPSS Score: %0.54
    • Published: Nov. 26, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-1930

    In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any proce... Read more

    Affected Products : debian_linux klibc
    • EPSS Score: %28.99
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2011-1830

    Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so.... Read more

    Affected Products : ekiga
    • EPSS Score: %0.20
    • Published: Apr. 22, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2011-1805

    Bad cast in CSS in Google Chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more

    Affected Products : chrome
    • EPSS Score: %0.35
    • Published: Jun. 03, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2011-1803

    An issue exists in third_party/WebKit/Source/WebCore/svg/animation/SVGSMILElement.h in WebKit in Google Chrome before Blink M11 and M12 when trying to access a removed smil element.... Read more

    Affected Products : chrome blink
    • EPSS Score: %0.17
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2011-1802

    WebKit in Google Chrome before Blink M11 and M12 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption).... Read more

    Affected Products : chrome blink
    • EPSS Score: %0.49
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2011-1762

    A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' privileges to post as if they had 'publish_posts' permission.... Read more

    Affected Products : wordpress
    • EPSS Score: %0.29
    • Published: Apr. 18, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2011-1597

    OpenVAS Manager v2.0.3 allows plugin remote code execution.... Read more

    Affected Products : openvas_manager
    • EPSS Score: %1.86
    • Published: Feb. 06, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2011-1588

    Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.... Read more

    Affected Products : debian_linux opensuse thunar
    • EPSS Score: %0.32
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291513 Results