Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 6.1

    MEDIUM
    CVE-2011-1069

    PHPShop through 0.8.1 has XSS.

    Affected Products : phpshop
    • EPSS Score: 0.24%
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2011-1028

    The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.

    Affected Products : debian_linux smarty
    • EPSS Score: 0.52%
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2011-1009

    Vanilla Forums 2.0.17.1 through 2.0.17.5 has XSS in /vanilla/index.php via the p parameter.

    Affected Products : vanilla
    • EPSS Score: 0.05%
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2011-10005

    A vulnerability, which was classified as critical, was found in EasyFTP 1.7.0.2. Affected is an unknown function of the component MKD Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has...

    Affected Products : easyftp easyftp_server
    • EPSS Score: 0.06%
    • Published: Jan. 16, 2024
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2011-10004

    A vulnerability was found in reciply Plugin up to 1.1.7 on WordPress. It has been rated as critical. This issue affects some unknown processing of the file uploadImage.php. The manipulation leads to unrestricted upload. The attack may be initiated remotel...

    Affected Products : reciply
    • EPSS Score: 0.18%
    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2011-10003

    A vulnerability was found in XpressEngine up to 1.4.4. It has been rated as critical. This issue affects some unknown processing of the component Update Query Handler. The manipulation leads to sql injection. Upgrading to version 1.4.5 is able to address ...

    Affected Products : xpressengine
    • EPSS Score: 0.04%
    • Published: Feb. 07, 2023
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2011-10002

    A vulnerability classified as critical has been found in weblabyrinth 0.3.1. This affects the function Labyrinth of the file labyrinth.inc.php. The manipulation leads to sql injection. Upgrading to version 0.3.2 is able to address this issue. The identifi...

    Affected Products : weblabyrinth
    • EPSS Score: 0.04%
    • Published: Feb. 07, 2023
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2011-10001

    A vulnerability was found in iamdroppy phoenixcf. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file content/2-Community/articles.cfm. The manipulation leads to sql injection. The patch is named d156fa...

    Affected Products : phoenixcf
    • EPSS Score: 0.04%
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024
  • 5.9

    MEDIUM
    CVE-2011-0704

    389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of service (replica crash) by sending an empty modify request.

    Affected Products : 389_directory_server
    • EPSS Score: 0.45%
    • Published: May. 04, 2018
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2011-0703

    In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may allow an attacker to overtake an administrator X11 session.

    Affected Products : debian_linux gksu-polkit
    • EPSS Score: 0.43%
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024
  • 7.0

    HIGH
    CVE-2011-0699

    Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value.

    Affected Products : linux_kernel
    • EPSS Score: 0.05%
    • Published: Feb. 20, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2011-0544

    phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag.

    Affected Products : debian_linux phpbb
    • EPSS Score: 0.34%
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2011-0529

    Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP.

    Affected Products : debian_linux weborf
    • EPSS Score: 0.45%
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2011-0525

    Batavi before 1.0 has CSRF.

    Affected Products : batavi
    • EPSS Score: 0.14%
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2011-0467

    A vulnerability in the listing of available software of SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. Affected releases are SUSE Studio Onsite: versions prior to 1.0....

    • EPSS Score: 0.30%
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2011-0428

    Cross Site Scripting (XSS) in ikiwiki before 3.20110122 could allow remote attackers to insert arbitrary JavaScript due to insufficient checking in comments.

    Affected Products : ikiwiki
    • EPSS Score: 0.32%
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2011-0220

    Apple Bonjour before 2011 allows a crash via a crafted multicast DNS packet.

    Affected Products : bonjour
    • EPSS Score: 0.04%
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2010-5340

    IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0.

    Affected Products : webclient
    • EPSS Score: 0.21%
    • Published: Oct. 11, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2010-5339

    IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][uid] is non-persistent in 10.1.3 and 10.2.0.

    Affected Products : webclient
    • EPSS Score: 0.21%
    • Published: Oct. 11, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2010-5338

    IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][action] is non-persistent in 10.1.3 and 10.2.0.

    Affected Products : webclient
    • EPSS Score: 0.21%
    • Published: Oct. 11, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291589 Results