Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2009-1120

    EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_sr... Read more

    Affected Products : emc_replistor
    • EPSS Score: %6.10
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2009-10004

    A vulnerability was found in Turante Sandbox Theme up to 1.5.2. It has been classified as problematic. This affects the function sandbox_body_class of the file functions.php. The manipulation of the argument page leads to cross site scripting. It is possi... Read more

    Affected Products : sandbox_theme
    • EPSS Score: %0.06
    • Published: Apr. 10, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2009-10003

    A vulnerability was found in capnsquarepants wordcraft up to 0.6. It has been classified as problematic. Affected is an unknown function of the file tag.php. The manipulation of the argument tag leads to cross site scripting. It is possible to launch the ... Read more

    Affected Products : wordcraft
    • EPSS Score: %0.06
    • Published: Jan. 29, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2009-10002

    A vulnerability, which was classified as problematic, has been found in dpup fittr-flickr. This issue affects some unknown processing of the file fittr-flickr/features/easy-exif.js of the component EXIF Preview Handler. The manipulation leads to cross sit... Read more

    Affected Products : fittr_flickr
    • EPSS Score: %0.06
    • Published: Jan. 13, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2009-10001

    A vulnerability classified as problematic was found in jianlinwei cool-php-captcha up to 0.2. This vulnerability affects unknown code of the file example-form.php. The manipulation of the argument captcha with the input %3Cscript%3Ealert(1)%3C/script%3E l... Read more

    Affected Products : cool-php-captcha
    • EPSS Score: %0.08
    • Published: Jan. 13, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2009-0948

    Multiple buffer overflows in the (1) cdf_read_sat, (2) cdf_read_long_sector_chain, and (3) cdf_read_ssat function in file before 5.02.... Read more

    Affected Products : files
    • EPSS Score: %0.42
    • Published: Jun. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2009-0947

    Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in file before 5.02.... Read more

    Affected Products : files
    • EPSS Score: %0.39
    • Published: Jun. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2009-0035

    alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a symlink attack via the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts.... Read more

    Affected Products : alsa
    • EPSS Score: %0.18
    • Published: Nov. 09, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2008-7321

    The tubepress plugin before 1.6.5 for WordPress has XSS.... Read more

    Affected Products : tubepress
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2008-7320

    GNOME Seahorse through 3.30 allows physically proximate attackers to read plaintext passwords by using the quickAllow dialog at an unattended workstation, if the keyring is unlocked. NOTE: this is disputed by a software maintainer because the behavior rep... Read more

    Affected Products : seahorse
    • EPSS Score: %0.08
    • Published: Nov. 18, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2008-7314

    mIRC before 6.35 allows attackers to cause a denial of service (crash) via a long nickname.... Read more

    Affected Products : mirc
    • EPSS Score: %0.41
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2008-7291

    gri before 2.12.18 generates temporary files in an insecure way.... Read more

    Affected Products : debian_linux gri
    • EPSS Score: %0.43
    • Published: Nov. 08, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2008-7273

    A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.... Read more

    Affected Products : iceweasel-firegpg
    • EPSS Score: %0.20
    • Published: Nov. 18, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2008-7272

    FireGPG before 0.6 handle user’s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users’s private key.... Read more

    Affected Products : firegpg
    • EPSS Score: %0.22
    • Published: Nov. 08, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2008-5083

    In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized security information about private resources managed by JBoss ON.... Read more

    Affected Products : jboss_operations_network
    • EPSS Score: %0.33
    • Published: Nov. 08, 2019
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2008-3280

    It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166). In combination with the DNS Cache Poisoning issue (CVE-2008-1447) and the fact... Read more

    Affected Products : openid
    • EPSS Score: %5.92
    • Published: May. 21, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2008-3278

    frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Linux 5 are built with an insecure RPATH set in the ELF header of multiple binaries in /usr/bin/f* (e.g. fcore, fcatch, fstack, fstep, ...) shipped in the package. A local attacker can exp... Read more

    Affected Products : enterprise_linux frysk
    • EPSS Score: %0.05
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2008-2544

    Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.04
    • Published: May. 27, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2008-10004

    A vulnerability was found in Email Registration 5.x-2.1 on Drupal. It has been declared as critical. This vulnerability affects the function email_registration_user of the file email_registration.module. The manipulation of the argument namenew leads to s... Read more

    Affected Products : email_registration
    • EPSS Score: %0.04
    • Published: Mar. 06, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2008-10003

    A vulnerability was found in iGamingModules flashgames 1.1.0. It has been classified as critical. Affected is an unknown function of the file game.php. The manipulation of the argument lid leads to sql injection. It is possible to launch the attack remote... Read more

    Affected Products : flashgames
    • EPSS Score: %0.04
    • Published: Mar. 05, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 291562 Results