Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, listed in the CISA KEV catalog), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 6.1

    MEDIUM
    CVE-2011-1150

    bbPress through 1.0.2 has XSS in /bb-login.php url via the re parameter.

    Affected Products : bbpress
    • EPSS Score: %0.23
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2011-1145

    The SQLDriverConnect() function in unixODBC before 2.2.14p2 has a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.

    • EPSS Score: %0.22
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 6.3

    MEDIUM
    CVE-2011-1136

    In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file.

    Affected Products : debian_linux tesseract
    • EPSS Score: %0.26
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2011-1135

    Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in plugins/ExtendedFileManager/manager.php and plugins/ImageManager/manager.php.

    Affected Products : serendipity
    • EPSS Score: %0.86
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2011-1134

    Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager.

    Affected Products : serendipity
    • EPSS Score: %5.00
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2011-1133

    Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code via plugins/ExtendedFileManager/backend.php.

    Affected Products : serendipity
    • EPSS Score: %0.86
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2011-1086

    Cross-site scripting (XSS) vulnerability in admin/system.html in Openfiler 2.3 allows remote attackers to inject arbitrary web script or HTML via the device parameter.

    Affected Products : openfiler
    • EPSS Score: %0.24
    • Published: Feb. 07, 2020
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2011-1085

    CSRF vulnerability in Smoothwall Express 3.

    Affected Products : smoothwall_express
    • EPSS Score: %0.16
    • Published: Feb. 07, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2011-1084

    A cross-site scripting (XSS) vulnerability in Smoothwall Express 3.

    Affected Products : smoothwall_express
    • EPSS Score: %0.24
    • Published: Feb. 07, 2020
    • Modified: Nov. 21, 2024
  • 4.3

    MEDIUM
    CVE-2011-1075

    FreeBSD's crontab calculates the MD5 sum of the previous and new cronjob to determine if any changes have been made before copying the new version in. In particular, it uses the MD5File() function, which takes a pathname as an argument, and is called with...

    Affected Products : freebsd
    • EPSS Score: %0.20
    • Published: Oct. 19, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2011-1070

    v86d before 0.1.10 does not verify if received netlink messages are sent by the kernel. This could allow unprivileged users to manipulate the video mode and potentially other consequences.

    Affected Products : debian_linux v86d
    • EPSS Score: %0.13
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2011-1069

    PHPShop through 0.8.1 has XSS.

    Affected Products : phpshop
    • EPSS Score: %0.24
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2011-1028

    The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.

    Affected Products : debian_linux smarty
    • EPSS Score: %0.52
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2011-1009

    Vanilla Forums 2.0.17.1 through 2.0.17.5 has XSS in /vanilla/index.php via the p parameter.

    Affected Products : vanilla
    • EPSS Score: %0.05
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2011-10005

    A vulnerability, which was classified as critical, was found in EasyFTP 1.7.0.2. Affected is an unknown function of the component MKD Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has...

    Affected Products : easyftp easyftp_server
    • EPSS Score: %0.06
    • Published: Jan. 16, 2024
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2011-10004

    A vulnerability was found in reciply Plugin up to 1.1.7 on WordPress. It has been rated as critical. This issue affects some unknown processing of the file uploadImage.php. The manipulation leads to unrestricted upload. The attack may be initiated remotel...

    Affected Products : reciply
    • EPSS Score: %0.18
    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2011-10003

    A vulnerability was found in XpressEngine up to 1.4.4. It has been rated as critical. This issue affects some unknown processing of the component Update Query Handler. The manipulation leads to sql injection. Upgrading to version 1.4.5 is able to address ...

    Affected Products : xpressengine
    • EPSS Score: %0.04
    • Published: Feb. 07, 2023
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2011-10002

    A vulnerability classified as critical has been found in weblabyrinth 0.3.1. This affects the function Labyrinth of the file labyrinth.inc.php. The manipulation leads to sql injection. Upgrading to version 0.3.2 is able to address this issue. The identifi...

    Affected Products : weblabyrinth
    • EPSS Score: %0.04
    • Published: Feb. 07, 2023
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2011-10001

    A vulnerability was found in iamdroppy phoenixcf. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file content/2-Community/articles.cfm. The manipulation leads to sql injection. The patch is named d156fa...

    Affected Products : phoenixcf
    • EPSS Score: %0.04
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024
  • 5.9

    MEDIUM
    CVE-2011-0704

    389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of service (replica crash) by sending an empty modify request.

    Affected Products : 389_directory_server
    • EPSS Score: %0.45
    • Published: May. 04, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291520 Results