Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2010-1673

    A cross-site scripting (XSS) vulnerability in ikiwiki before 3.20101112 allows remote attackers to inject arbitrary web script or HTML via a comment.... Read more

    Affected Products : ikiwiki
    • EPSS Score: %0.33
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2010-1435

    Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently retrieve password reset tokens from the database through an already existing SQL injection vector.... Read more

    Affected Products : joomla\!
    • EPSS Score: %0.01
    • Published: Jun. 21, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2010-1434

    Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to hijack an arbitrary session and gain access to sensitive information, which may help in launching further attacks. Joomla! Core versions 1.5.x ranging from 1... Read more

    Affected Products : joomla\!
    • EPSS Score: %0.01
    • Published: Jun. 21, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2010-1433

    Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the ... Read more

    Affected Products : joomla\!
    • EPSS Score: %0.02
    • Published: Jun. 21, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2010-1432

    Joomla! Core is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 ar... Read more

    Affected Products : joomla\!
    • EPSS Score: %0.01
    • Published: Jun. 21, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2010-10011

    A vulnerability, which was classified as problematic, was found in Acritum Femitter Server 1.04. Affected is an unknown function. The manipulation leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the... Read more

    Affected Products : femitter_server
    • EPSS Score: %0.24
    • Published: Jan. 12, 2024
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-10010

    A vulnerability classified as problematic has been found in Stars Alliance PsychoStats up to 3.2.2a. This affects an unknown part of the file upload/admin/login.php. The manipulation of the argument ref leads to cross site scripting. It is possible to ini... Read more

    Affected Products : psychostats
    • EPSS Score: %0.07
    • Published: Jun. 01, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2010-10009

    A vulnerability was found in frioux ptome. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The patch is named 26829bba67858ca0bd4ce49ad50e7ce653914276. It is recommended to apply a patch ... Read more

    Affected Products : ptome
    • EPSS Score: %0.04
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2010-10008

    ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in simplesamlphp simplesamlphp-module-openidprovider up to 0.8.x. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file templates/trust.tpl.php... Read more

    • EPSS Score: %0.07
    • Published: Jan. 17, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2010-10007

    ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in lierdakil click-reminder. It has been rated as critical. This issue affects the function db_query of the file src/backend/include/BaseAction.php. The manipulation leads to sql injection. The ide... Read more

    Affected Products : click-reminder
    • EPSS Score: %0.04
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-10004

    A vulnerability was found in Information Cards Module on simpleSAMLphp and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 1.... Read more

    • EPSS Score: %0.06
    • Published: Jan. 09, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2010-10003

    A vulnerability classified as critical was found in gesellix titlelink on Joomla. Affected by this vulnerability is an unknown functionality of the file plugin_content_title.php. The manipulation of the argument phrase leads to sql injection. The patch is... Read more

    Affected Products : titlelink
    • EPSS Score: %0.04
    • Published: Jan. 04, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-10002

    ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in SimpleSAMLphp simplesamlphp-module-openid. Affected is an unknown function of the file templates/consumer.php of the component OpenID Handler. The manipulation of ... Read more

    Affected Products : simplesamlphp-module-openid
    • EPSS Score: %0.07
    • Published: Jan. 01, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2010-10001

    A vulnerability, which was classified as problematic, was found in Shemes GrabIt up to 1.7.2 Beta 4. This affects the component NZB Date Parser. The manipulation of the argument date with the input 1000000000000000 as part of a NZB File leads to a denial ... Read more

    Affected Products : grabit
    • EPSS Score: %0.19
    • Published: Mar. 28, 2022
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2010-0749

    Transmission before 1.92 allows attackers to prevent download of a file by corrupted data during the endgame.... Read more

    Affected Products : linux_kernel debian_linux transmission
    • EPSS Score: %0.73
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2010-0748

    Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link.... Read more

    Affected Products : linux_kernel debian_linux transmission
    • EPSS Score: %0.86
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2010-0747

    drbd8 allows local users to bypass intended restrictions for certain actions via netlink packets, similar to CVE-2009-3725.... Read more

    Affected Products : debian_linux drbd8
    • EPSS Score: %0.04
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024

  • 8.0

    HIGH
    CVE-2010-0737

    A missing permission check was found in The CLI in JBoss Operations Network before 2.3.1 does not properly check permissions, which allows JBoss ON users to perform management tasks and configuration changes with the privileges of the administrator user.... Read more

    Affected Products : jboss_operations_network
    • EPSS Score: %0.14
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2010-0398

    The init script in autokey before 0.61.3-2 allows local attackers to write to arbitrary files via a symlink attack.... Read more

    Affected Products : autokey
    • EPSS Score: %0.43
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2010-0207

    In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.... Read more

    Affected Products : debian_linux poppler xpdf
    • EPSS Score: %0.44
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291384 Results