Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2010-3844

    An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.... Read more

    Affected Products : debian_linux ettercap
    • EPSS Score: %0.53
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2010-3843

    The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a malic... Read more

    Affected Products : ettercap
    • EPSS Score: %0.05
    • Published: May. 28, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2010-3782

    obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api implementation.... Read more

    Affected Products : linux_enterprise_server obs-server
    • EPSS Score: %0.29
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-3674

    TYPO3 before 4.4.1 allows XSS in the frontend search box.... Read more

    Affected Products : debian_linux typo3
    • EPSS Score: %0.54
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2010-3673

    TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows information disclosure in the mail header of the HTML mailing API.... Read more

    Affected Products : typo3
    • EPSS Score: %0.46
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-3672

    TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase extension.... Read more

    Affected Products : typo3
    • EPSS Score: %0.45
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2010-3671

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 is open to a session fixation attack which allows remote attackers to hijack a victim's session.... Read more

    Affected Products : typo3
    • EPSS Score: %0.90
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2010-3670

    TYPO3 before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness during generation of a hash with the "forgot password" function.... Read more

    Affected Products : typo3
    • EPSS Score: %0.13
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2010-3669

    TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS and Open Redirection in the frontend login box.... Read more

    Affected Products : typo3
    • EPSS Score: %0.24
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2010-3668

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Header Injection in the secure download feature jumpurl.... Read more

    Affected Products : typo3
    • EPSS Score: %0.43
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2010-3667

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element.... Read more

    Affected Products : typo3
    • EPSS Score: %0.32
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2010-3666

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness in the uniqid function.... Read more

    Affected Products : typo3
    • EPSS Score: %0.32
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2010-3665

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the Extension Manager.... Read more

    Affected Products : typo3
    • EPSS Score: %0.43
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2010-3664

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Information Disclosure on the backend.... Read more

    Affected Products : typo3
    • EPSS Score: %0.43
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2010-3663

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend.... Read more

    Affected Products : typo3
    • EPSS Score: %3.15
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2010-3662

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows SQL Injection on the backend.... Read more

    Affected Products : typo3
    • EPSS Score: %0.70
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-3661

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Open Redirection on the backend.... Read more

    Affected Products : typo3
    • EPSS Score: %0.27
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2010-3660

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the backend.... Read more

    Affected Products : typo3
    • EPSS Score: %0.47
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2010-3440

    babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and unpacking dictionary files, allowing a local attacker to overwrite arbitrary files.... Read more

    Affected Products : debian_linux babiloo
    • EPSS Score: %0.07
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2010-3439

    It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command.... Read more

    Affected Products : fedora debian_linux alien-arena
    • EPSS Score: %0.57
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291810 Results