Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2012-1124

    SQL injection vulnerability in search.php in phxEventManager 2.0 beta 5 allows remote attackers to execute arbitrary SQL commands via the search_terms parameter.... Read more

    Affected Products : phxeventmanager
    • EPSS Score: %2.92
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-1115

    A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.... Read more

    • EPSS Score: %0.84
    • Published: Dec. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-1114

    A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.... Read more

    • EPSS Score: %0.84
    • Published: Dec. 05, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-1109

    mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing #iferror magic functions... Read more

    Affected Products : mwlib
    • EPSS Score: %0.68
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-1105

    An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.... Read more

    Affected Products : fedora debian_linux phpcas
    • EPSS Score: %0.15
    • Published: Dec. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2012-1104

    A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the way proxying of services are managed.... Read more

    Affected Products : linux_kernel debian_linux phpcas
    • EPSS Score: %0.24
    • Published: Dec. 05, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-1102

    It was discovered that the XML::Atom Perl module before version 0.39 did not disable external entities when parsing XML from potentially untrusted sources. This may allow attackers to gain read access to otherwise protected resources, depending on how the... Read more

    Affected Products : \
    • EPSS Score: %0.29
    • Published: Jul. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-1101

    systemd 37-1 does not properly handle non-existent services, which causes a denial of service (failure of login procedure).... Read more

    Affected Products : systemd
    • EPSS Score: %0.15
    • Published: Mar. 11, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-1096

    NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection.... Read more

    Affected Products : debian_linux networkmanager
    • EPSS Score: %0.35
    • Published: Mar. 10, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-1094

    JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed.... Read more

    • EPSS Score: %0.24
    • Published: Mar. 10, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-1093

    The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation.... Read more

    Affected Products : debian_linux x11-common
    • EPSS Score: %0.14
    • Published: Feb. 21, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-1001

    Multiple cross-site scripting (XSS) vulnerabilities in Chyrp before 2.1.2 and before 2.5 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the (1) content parameter to includes/ajax.php or (2) body parameter to includes/error.php.... Read more

    Affected Products : chyrp
    • EPSS Score: %19.24
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2012-10017

    A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.04 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. U... Read more

    Affected Products : portfolio
    • EPSS Score: %0.08
    • Published: Dec. 26, 2023
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-10016

    A vulnerability classified as problematic has been found in Halulu simple-download-button-shortcode Plugin 1.0 on WordPress. Affected is an unknown function of the file simple-download-button_dl.php of the component Download Handler. The manipulation of t... Read more

    Affected Products : simple-download-button-shortcode
    • EPSS Score: %0.31
    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2012-10015

    A vulnerability was found in BestWebSoft Twitter Plugin up to 2.14 on WordPress. It has been classified as problematic. Affected is the function twttr_settings_page of the file twitter.php of the component Settings Page. The manipulation leads to cross-si... Read more

    Affected Products : twitter
    • EPSS Score: %0.07
    • Published: May. 31, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-10014

    A vulnerability classified as problematic has been found in Kau-Boy Backend Localization Plugin 2.0 on WordPress. Affected is the function backend_localization_admin_settings/backend_localization_save_setting/backend_localization_login_form/localize_backe... Read more

    Affected Products : backend_localization
    • EPSS Score: %0.08
    • Published: Apr. 24, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-10013

    A vulnerability was found in Kau-Boy Backend Localization Plugin up to 1.6.1 on WordPress. It has been rated as problematic. This issue affects some unknown processing of the file backend_localization.php. The manipulation leads to cross site scripting. T... Read more

    Affected Products : backend_localization
    • EPSS Score: %0.08
    • Published: Apr. 24, 2023
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2012-10012

    A vulnerability has been found in BestWebSoft Facebook Like Button up to 2.13 and classified as problematic. Affected by this vulnerability is the function fcbk_bttn_plgn_settings_page of the file facebook-button-plugin.php. The manipulation leads to cros... Read more

    Affected Products : facebook_button
    • EPSS Score: %0.06
    • Published: Apr. 10, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-10011

    A vulnerability was found in HD FLV PLayer Plugin up to 1.7 on WordPress. It has been rated as critical. Affected by this issue is the function hd_add_media/hd_update_media of the file functions.php. The manipulation of the argument name leads to sql inje... Read more

    Affected Products : hd_flv_player
    • EPSS Score: %0.10
    • Published: Apr. 09, 2023
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2012-10010

    A vulnerability was found in BestWebSoft Contact Form 3.21. It has been classified as problematic. This affects the function cntctfrm_settings_page of the file contact_form.php. The manipulation leads to cross-site request forgery. It is possible to initi... Read more

    Affected Products : contact_form
    • EPSS Score: %0.05
    • Published: Apr. 09, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 291779 Results