Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 9.8

    CRITICAL
    CVE-2010-10003

    A vulnerability classified as critical was found in gesellix titlelink on Joomla. Affected by this vulnerability is an unknown functionality of the file plugin_content_title.php. The manipulation of the argument phrase leads to sql injection. The patch is... Read more

    Affected Products : titlelink
    • EPSS Score: %0.04
    • Published: Jan. 04, 2023
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2010-10002

    ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in SimpleSAMLphp simplesamlphp-module-openid. Affected is an unknown function of the file templates/consumer.php of the component OpenID Handler. The manipulation of ... Read more

    Affected Products : simplesamlphp-module-openid
    • EPSS Score: %0.07
    • Published: Jan. 01, 2023
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2010-10001

    A vulnerability, which was classified as problematic, was found in Shemes GrabIt up to 1.7.2 Beta 4. This affects the component NZB Date Parser. The manipulation of the argument date with the input 1000000000000000 as part of a NZB File leads to a denial ... Read more

    Affected Products : grabit
    • EPSS Score: %0.19
    • Published: Mar. 28, 2022
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2010-0749

    Transmission before 1.92 allows attackers to prevent download of a file by corrupted data during the endgame.... Read more

    Affected Products : linux_kernel debian_linux transmission
    • EPSS Score: %0.73
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2010-0748

    Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link.... Read more

    Affected Products : linux_kernel debian_linux transmission
    • EPSS Score: %0.86
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2010-0747

    drbd8 allows local users to bypass intended restrictions for certain actions via netlink packets, similar to CVE-2009-3725.... Read more

    Affected Products : debian_linux drbd8
    • EPSS Score: %0.04
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024
  • 8.0

    HIGH
    CVE-2010-0737

    A missing permission check was found in The CLI in JBoss Operations Network before 2.3.1 does not properly check permissions, which allows JBoss ON users to perform management tasks and configuration changes with the privileges of the administrator user.... Read more

    Affected Products : jboss_operations_network
    • EPSS Score: %0.14
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2010-0398

    The init script in autokey before 0.61.3-2 allows local attackers to write to arbitrary files via a symlink attack.... Read more

    Affected Products : autokey
    • EPSS Score: %0.43
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2010-0207

    In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.... Read more

    Affected Products : debian_linux poppler xpdf
    • EPSS Score: %0.44
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2010-0206

    xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.... Read more

    Affected Products : debian_linux xpdf
    • EPSS Score: %0.44
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2010-0109

    DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request.... Read more

    Affected Products : altiris_deployment_solution
    • EPSS Score: %0.55
    • Published: Feb. 19, 2018
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2009-5159

    Invision Power Board (aka IPB or IP.Board) 2.x through 3.0.4, when Internet Explorer 5 is used, allows XSS via a .txt attachment.... Read more

    • EPSS Score: %0.77
    • Published: Mar. 13, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2009-5158

    The google-analyticator plugin before 5.2.1 for WordPress has insufficient HTML sanitization for Google Analytics API text.... Read more

    Affected Products : google_analyticator
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024
  • 9.0

    HIGH
    CVE-2009-5157

    On Linksys WAG54G2 1.00.10 devices, there is authenticated command injection via shell metacharacters in the setup.cgi c4_ping_ipaddr variable.... Read more

    Affected Products : wag54g2_firmware wag54g2
    • EPSS Score: %9.40
    • Published: Jun. 11, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2009-5156

    An issue was discovered on ASMAX AR-804gu 66.34.1 devices. There is Command Injection via the cgi-bin/script query string.... Read more

    • EPSS Score: %6.88
    • Published: Jun. 11, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2009-5155

    In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a reg... Read more

    • EPSS Score: %1.37
    • Published: Feb. 26, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2009-5154

    An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of meinsm for the admin account.... Read more

    Affected Products : s14_firmware s14
    • EPSS Score: %0.80
    • Published: Feb. 09, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2009-5153

    In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing of CALLIT RPC calls in the NFS Portmapper daemon in PKERNEL.NLM allowed remote unauthenticated attackers to execute code, because a length field was incorrectly trusted.... Read more

    Affected Products : netware
    • EPSS Score: %13.28
    • Published: Nov. 21, 2018
    • Modified: Nov. 21, 2024
  • 4.1

    MEDIUM
    CVE-2009-5152

    Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility (DCCU), which allows privileged local users to change Computrace Agent's activation/deactivation statu... Read more

    Affected Products : computrace_agent
    • EPSS Score: %0.05
    • Published: May. 11, 2018
    • Modified: Nov. 21, 2024
  • 7.2

    HIGH
    CVE-2009-5151

    The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code on the BIOS. This allows a privileged local user to achie... Read more

    Affected Products : computrace_agent
    • EPSS Score: %0.06
    • Published: May. 11, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291513 Results