Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2011-1802

    WebKit in Google Chrome before Blink M11 and M12 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption).... Read more

    Affected Products : chrome blink
    • EPSS Score: %0.49
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2011-1762

    A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' privileges to post as if they had 'publish_posts' permission.... Read more

    Affected Products : wordpress
    • EPSS Score: %0.29
    • Published: Apr. 18, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2011-1597

    OpenVAS Manager v2.0.3 allows plugin remote code execution.... Read more

    Affected Products : openvas_manager
    • EPSS Score: %1.86
    • Published: Feb. 06, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2011-1588

    Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.... Read more

    Affected Products : debian_linux opensuse thunar
    • EPSS Score: %0.32
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-1517

    SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash.... Read more

    Affected Products : netweaver
    • EPSS Score: %2.37
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2011-1497

    A cross-site scripting vulnerability flaw was found in the auto_link function in Rails before version 3.0.6.... Read more

    Affected Products : rails actionpack
    • EPSS Score: %0.33
    • Published: Oct. 19, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2011-1490

    A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the ... Read more

    Affected Products : debian_linux rsyslog opensuse
    • EPSS Score: %0.15
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2011-1489

    A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the... Read more

    Affected Products : debian_linux rsyslog opensuse
    • EPSS Score: %0.15
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2011-1488

    A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a... Read more

    Affected Products : debian_linux rsyslog opensuse
    • EPSS Score: %0.15
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2011-1474

    A locally locally exploitable DOS vulnerability was found in pax-linux versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch. A bad bounds check in arch_get_unmapped_area_topdown triggered by programs doing an mmap after a MAP_GRO... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.14
    • Published: Dec. 26, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-1460

    WebKit in Google Chrome before Blink M11 contains a bad cast to RenderBlock when anonymous blocks are renderblocks.... Read more

    Affected Products : chrome blink
    • EPSS Score: %0.28
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2011-1459

    The WebKit::WebPluginContainerImpl::handleEvent function in Google Chrome before Blink M11 allows an attacker to cause a denial of service (crash) via the htmlpluginelement.cpp plugin.... Read more

    Affected Products : chrome blink
    • EPSS Score: %0.29
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 8.2

    HIGH
    CVE-2011-1408

    ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks.... Read more

    Affected Products : debian_linux ikiwiki
    • EPSS Score: %0.61
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2011-1298

    An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect function.... Read more

    Affected Products : chrome macos blink
    • EPSS Score: %0.29
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2011-1151

    Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filer_order_Dir parameters.... Read more

    Affected Products : joomla\!
    • EPSS Score: %0.04
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2011-1150

    bbPress through 1.0.2 has XSS in /bb-login.php url via the re parameter.... Read more

    Affected Products : bbpress
    • EPSS Score: %0.23
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2011-1145

    The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.... Read more

    • EPSS Score: %0.22
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2011-1136

    In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file.... Read more

    Affected Products : debian_linux tesseract
    • EPSS Score: %0.26
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2011-1135

    Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in plugins/ExtendedFileManager/manager.php and plugins/ImageManager/manager.php.... Read more

    Affected Products : serendipity
    • EPSS Score: %0.86
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-1134

    Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager.... Read more

    Affected Products : serendipity
    • EPSS Score: %5.00
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291615 Results