Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2012-0046

    mediawiki allows deleted text to be exposed... Read more

    Affected Products : mediawiki
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-5331

    Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval.... Read more

    Affected Products : distributed_ruby
    • Published: Nov. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-5330

    Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls.... Read more

    Affected Products : distributed_ruby
    • Published: Nov. 18, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2011-5329

    The redirection plugin before 2.2.9 for WordPress has XSS in the admin menu, a different issue than CVE-2011-4562.... Read more

    Affected Products : redirection
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2011-5328

    The user-access-manager plugin before 1.2 for WordPress has CSRF.... Read more

    Affected Products : user_access_manager
    • Published: Aug. 20, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-5327

    In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption.... Read more

    Affected Products : linux_kernel
    • Published: Jul. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2011-5282

    mIRC prior to 7.22 has a message leak because chopping of outbound messages is mishandled.... Read more

    Affected Products : mirc
    • Published: Jan. 21, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2011-5271

    Pacemaker before 1.1.6 configure script creates temporary files insecurely... Read more

    Affected Products : pacemaker
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-5266

    Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass.... Read more

    • Published: Jan. 08, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2011-5250

    Snare for Linux before 1.7.0 has CSRF in the web interface.... Read more

    Affected Products : snare
    • Published: Jan. 08, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2011-5247

    Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword.... Read more

    Affected Products : snare
    • Published: Jan. 08, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-5020

    An SQL Injection vulnerability exists in the ID parameter in Online TV Database 2011.... Read more

    Affected Products : online_tv_database
    • Published: Jan. 10, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2011-5018

    Koala Framework before 2011-11-21 has XSS via the request_uri parameter.... Read more

    Affected Products : koala_framework
    • Published: Jan. 08, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-4973

    Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password.... Read more

    Affected Products : mod_nss
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2011-4972

    hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to private files, which allows remote attackers to read private files via a direct request.... Read more

    Affected Products : ckeditor
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2011-4968

    nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)... Read more

    Affected Products : debian_linux nginx
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2011-4967

    tog-Pegasus has a package hash collision DoS vulnerability... Read more

    Affected Products : enterprise_linux tog-pegasus
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2011-4954

    cobbler has local privilege escalation via the use of insecure location for PYTHON_EGG_CACHE... Read more

    Affected Products : cobbler
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2011-4952

    cobbler: Web interface lacks CSRF protection when using Django framework... Read more

    Affected Products : cobbler
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-4943

    ImpressPages CMS v1.0.12 has Unspecified Remote Code Execution (fixed in v1.0.13)... Read more

    Affected Products : impresspages_cms
    • Published: Jan. 22, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 292764 Results