Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2009-4067

    Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control ... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.61
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2009-4011

    dtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get a bash access as xenXX user on the dom0, and then access a potentially reuse an already opened VPS console.... Read more

    Affected Products : dtc-xen
    • EPSS Score: %0.39
    • Published: Nov. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2009-3887

    ytnef has directory traversal... Read more

    Affected Products : ytnef
    • EPSS Score: %0.34
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2009-3724

    python-markdown2 before 1.0.1.14 has multiple cross-site scripting (XSS) issues.... Read more

    Affected Products : python-markdown2
    • EPSS Score: %0.24
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2009-3723

    asterisk allows calls on prohibited networks... Read more

    • EPSS Score: %0.65
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2009-3721

    Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, cr... Read more

    Affected Products : evolution ytnef
    • EPSS Score: %0.78
    • Published: May. 26, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2009-3614

    liboping 1.3.2 allows users reading arbitrary files upon the local system.... Read more

    Affected Products : debian_linux liboping
    • EPSS Score: %0.12
    • Published: Nov. 09, 2019
    • Modified: Nov. 21, 2024

  • 3.1

    LOW
    CVE-2009-3552

    In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterpr... Read more

    Affected Products : enterprise_virtualization_manager
    • EPSS Score: %0.19
    • Published: Nov. 09, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2009-2802

    MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.... Read more

    Affected Products : mantisbt
    • EPSS Score: %0.45
    • Published: Nov. 09, 2019
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2009-20001

    An issue was discovered in MantisBT before 2.24.5. It associates a unique cookie string with each user. This string is not reset upon logout (i.e., the user session is still considered valid and active), allowing an attacker who somehow gained access to a... Read more

    Affected Products : mantisbt
    • EPSS Score: %0.14
    • Published: Mar. 07, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-1120

    EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_sr... Read more

    Affected Products : emc_replistor
    • EPSS Score: %6.10
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2009-10004

    A vulnerability was found in Turante Sandbox Theme up to 1.5.2. It has been classified as problematic. This affects the function sandbox_body_class of the file functions.php. The manipulation of the argument page leads to cross site scripting. It is possi... Read more

    Affected Products : sandbox_theme
    • EPSS Score: %0.06
    • Published: Apr. 10, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2009-10003

    A vulnerability was found in capnsquarepants wordcraft up to 0.6. It has been classified as problematic. Affected is an unknown function of the file tag.php. The manipulation of the argument tag leads to cross site scripting. It is possible to launch the ... Read more

    Affected Products : wordcraft
    • EPSS Score: %0.06
    • Published: Jan. 29, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2009-10002

    A vulnerability, which was classified as problematic, has been found in dpup fittr-flickr. This issue affects some unknown processing of the file fittr-flickr/features/easy-exif.js of the component EXIF Preview Handler. The manipulation leads to cross sit... Read more

    Affected Products : fittr_flickr
    • EPSS Score: %0.06
    • Published: Jan. 13, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2009-10001

    A vulnerability classified as problematic was found in jianlinwei cool-php-captcha up to 0.2. This vulnerability affects unknown code of the file example-form.php. The manipulation of the argument captcha with the input %3Cscript%3Ealert(1)%3C/script%3E l... Read more

    Affected Products : cool-php-captcha
    • EPSS Score: %0.08
    • Published: Jan. 13, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2009-0948

    Multiple buffer overflows in the (1) cdf_read_sat, (2) cdf_read_long_sector_chain, and (3) cdf_read_ssat function in file before 5.02.... Read more

    Affected Products : files
    • EPSS Score: %0.42
    • Published: Jun. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2009-0947

    Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in file before 5.02.... Read more

    Affected Products : files
    • EPSS Score: %0.39
    • Published: Jun. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2009-0035

    alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a symlink attack via the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts.... Read more

    Affected Products : alsa
    • EPSS Score: %0.18
    • Published: Nov. 09, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2008-7321

    The tubepress plugin before 1.6.5 for WordPress has XSS.... Read more

    Affected Products : tubepress
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2008-7320

    GNOME Seahorse through 3.30 allows physically proximate attackers to read plaintext passwords by using the quickAllow dialog at an unattended workstation, if the keyring is unlocked. NOTE: this is disputed by a software maintainer because the behavior rep... Read more

    Affected Products : seahorse
    • EPSS Score: %0.08
    • Published: Nov. 18, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291394 Results