Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.8

    CRITICAL
    CVE-2008-7291

    gri before 2.12.18 generates temporary files in an insecure way....

    Affected Products : debian_linux gri
    • EPSS Score: %0.43
    • Published: Nov. 08, 2019
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2008-7273

    A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling....

    Affected Products : iceweasel-firegpg
    • EPSS Score: %0.20
    • Published: Nov. 18, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2008-7272

    FireGPG before 0.6 handles the user’s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user’s passphrase to disk, which may result in the compromise of secure communication or a user’s private key....

    Affected Products : firegpg
    • EPSS Score: %0.22
    • Published: Nov. 08, 2019
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2008-5083

    In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized security information about private resources managed by JBoss ON....

    Affected Products : jboss_operations_network
    • EPSS Score: %0.33
    • Published: Nov. 08, 2019
    • Modified: Nov. 21, 2024
  • 5.9

    MEDIUM
    CVE-2008-3280

    It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166). In combination with the DNS Cache Poisoning issue (CVE-2008-1447) and the fact...

    Affected Products : openid
    • EPSS Score: %5.92
    • Published: May. 21, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2008-3278

    frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Linux 5 are built with an insecure RPATH set in the ELF header of multiple binaries in /usr/bin/f* (e.g. fcore, fcatch, fstack, fstep, ...) shipped in the package. A local attacker can exp...

    Affected Products : enterprise_linux frysk
    • EPSS Score: %0.05
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2008-2544

    Mounting the /proc filesystem via the chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files he would never have otherwise....

    Affected Products : linux_kernel
    • EPSS Score: %0.04
    • Published: May. 27, 2021
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2008-10004

    A vulnerability was found in Email Registration 5.x-2.1 on Drupal. It has been declared as critical. This vulnerability affects the function email_registration_user of the file email_registration.module. The manipulation of the argument namenew leads to s...

    Affected Products : email_registration
    • EPSS Score: %0.04
    • Published: Mar. 06, 2023
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2008-10003

    A vulnerability was found in iGamingModules flashgames 1.1.0. It has been classified as critical. Affected is an unknown function of the file game.php. The manipulation of the argument lid leads to SQL injection. It is possible to launch the attack remote...

    Affected Products : flashgames
    • EPSS Score: %0.04
    • Published: Mar. 05, 2023
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2008-10002

    A vulnerability has been found in cfire24 ajaxlife up to 0.3.2 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site scripting. The attack can be initiated remotely. Upgrading to version 0.3.3 is able...

    Affected Products : ajaxlife
    • EPSS Score: %0.06
    • Published: Mar. 05, 2023
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2008-10001

    A vulnerability, which was classified as problematic, has been found in Pro2col Stingray FTS. The manipulation of the argument Username leads to cross-site scripting. The attack may be initiated remotely. It is recommended to upgrade the affected componen...

    Affected Products : stingray_fts
    • EPSS Score: %0.21
    • Published: Mar. 28, 2022
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2007-6763

    SAS Drug Development (SDD) before 32DRG02 mishandles logout actions, which allows a user (who was previously logged in) to access resources by pressing a back or forward button in a web browser....

    Affected Products : sas_drug_development
    • EPSS Score: %0.51
    • Published: Jul. 31, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2007-6762

    In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array....

    Affected Products : linux_kernel
    • EPSS Score: %0.80
    • Published: Jul. 27, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2007-6758

    Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0....

    Affected Products : ext_js
    • EPSS Score: %0.29
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2007-6745

    clamav 0.91.2 suffers from a floating point exception when using ScanOLE2....

    Affected Products : debian_linux clamav
    • EPSS Score: %0.65
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2007-5967

    A flaw in Mozilla's embedded certificate code might allow web sites to install root certificates on devices without user approval....

    Affected Products : firefox
    • EPSS Score: %0.11
    • Published: May. 17, 2021
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2007-5743

    viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option....

    Affected Products : debian_linux viewvc
    • EPSS Score: %0.35
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024
  • 5.9

    MEDIUM
    CVE-2007-4774

    The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can wake up a PTRACED process....

    Affected Products : linux_kernel
    • EPSS Score: %0.18
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2007-4773

    Systrace before 1.6.0 has insufficient escape policy enforcement....

    Affected Products : systrace
    • EPSS Score: %0.63
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024
  • 9.1

    CRITICAL
    CVE-2007-3915

    Mondo 2.24 has insecure handling of temporary files....

    Affected Products : mondo
    • EPSS Score: %0.36
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292016 Results