Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 6.1

    MEDIUM
    CVE-2010-5339

    IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][uid] is non-persistent in 10.1.3 and 10.2.0.

    Affected Products: webclient
    • EPSS Score: 0.21%
    • Published: Oct. 11, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2010-5338

    IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][action] is non-persistent in 10.1.3 and 10.2.0.

    Affected Products: webclient
    • EPSS Score: 0.21%
    • Published: Oct. 11, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2010-5337

    IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][controller] is non-persistent in 10.1.3 and 10.2.0.

    Affected Products: webclient
    • EPSS Score: 0.21%
    • Published: Oct. 11, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2010-5336

    IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0.

    Affected Products: webclient
    • EPSS Score: 0.21%
    • Published: Oct. 11, 2019
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2010-5335

    IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (script to basic/minimizer/index.php) is not properl...

    Affected Products: webclient
    • EPSS Score: 1.88%
    • Published: Oct. 11, 2019
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2010-5334

    IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (_c to basic/index.html) is not properly sanitised a...

    Affected Products: webclient
    • EPSS Score: 1.06%
    • Published: Oct. 11, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2010-5333

    The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x before 2.2.0.9037 has a buffer overflow via a long password in an administration login POST request, leading to arbitrary code execution. An SEH-overwrite buffer overflow already existed ...

    Affected Products: integard_home integard_pro
    • EPSS Score: 7.22%
    • Published: Sep. 13, 2019
    • Modified: Nov. 21, 2024
  • 5.6

    MEDIUM
    CVE-2010-5332

    In the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac(), and there is no free entry, the loop terminates without updating t...

    Affected Products: linux_kernel
    • EPSS Score: 0.10%
    • Published: Jul. 27, 2019
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2010-5331

    In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this CVE is incorrectly assigned and should be rejected beca...

    Affected Products: linux_kernel
    • EPSS Score: 0.08%
    • Published: Jul. 27, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2010-5304

    A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.

    Affected Products: fedora libvncserver
    • EPSS Score: 3.38%
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2010-5108

    Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permissions.

    Affected Products: debian_linux trac
    • EPSS Score: 0.31%
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2010-4817

    pithos before 0.3.5 allows overwrite of arbitrary files via symlinks.

    Affected Products: debian_linux pithos
    • EPSS Score: 0.25%
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2010-4816

    It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service.

    Affected Products : openbsd openbsd
    • EPSS Score: 1.18%
    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2010-4815

    Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code execution.

    Affected Products: coppermine_gallery
    • EPSS Score: 0.96%
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2010-4664

    In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session.

    • EPSS Score: 0.20%
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2010-4662

    PmWiki before 2.2.21 has XSS.

    Affected Products: pmwiki
    • EPSS Score: 0.24%
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2010-4661

    udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.

    • EPSS Score: 0.15%
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2010-4660

    Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes.

    Affected Products: statusnet
    • EPSS Score: 0.42%
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2010-4659

    Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents.

    Affected Products: statusnet
    • EPSS Score: 0.41%
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2010-4658

    statusnet through 2010 allows attackers to spoof syslog messages via newline injection attacks.

    Affected Products: statusnet
    • EPSS Score: 0.24%
    • Published: Feb. 07, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291551 Results