Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2012-10009

    A vulnerability was found in 404like Plugin up to 1.0.2 on WordPress. It has been classified as critical. Affected is the function checkPage of the file 404Like.php. The manipulation of the argument searchWord leads to sql injection. It is possible to lau... Read more

    Affected Products : 404like
    • Published: Mar. 21, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-10008

    A vulnerability, which was classified as critical, has been found in uakfdotb oneapp. This issue affects some unknown processing. The manipulation leads to sql injection. The attack may be initiated remotely. This product does not use versioning. This is ... Read more

    Affected Products : oneapp
    • Published: Feb. 20, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-10007

    A vulnerability was found in madgicweb BuddyStream Plugin up to 3.2.7 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file ShareBox.php. The manipulation of the argument content/link/sha... Read more

    Affected Products : buddystream
    • Published: Feb. 19, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-10006

    A vulnerability classified as critical has been found in ale7714 sigeprosi. This affects an unknown part. The manipulation leads to sql injection. The identifier of the patch is 5291886f6c992316407c376145d331169c55f25b. It is recommended to apply a patch ... Read more

    Affected Products : sigeprosi
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-10005

    A vulnerability has been found in manikandan170890 php-form-builder-class and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PFBC/Element/Textarea.php of the component Textarea Handler. The manipulation o... Read more

    Affected Products : php-form-builder-class
    • Published: Jan. 12, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-10004

    A vulnerability was found in backdrop-contrib Basic Cart on Drupal. It has been classified as problematic. Affected is the function basic_cart_checkout_form_submit of the file basic_cart.cart.inc. The manipulation leads to cross site scripting. It is poss... Read more

    Affected Products : basic_cart
    • Published: Jan. 11, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-10003

    A vulnerability, which was classified as problematic, has been found in ahmyi RivetTracker. This issue affects some unknown processing. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. The attack may be initiated remote... Read more

    Affected Products : rivettracker
    • Published: Jan. 03, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-10002

    A vulnerability was found in ahmyi RivetTracker. It has been declared as problematic. Affected by this vulnerability is the function changeColor of the file css.php. The manipulation of the argument set_css leads to cross site scripting. The attack can be... Read more

    Affected Products : rivettracker
    • Published: Jan. 03, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-10001

    The Limit Login Attempts plugin before 1.7.1 for WordPress does not clear auth cookies upon a lockout, which might make it easier for remote attackers to conduct brute-force authentication attempts.... Read more

    Affected Products : limit_login_attempts
    • Published: Jan. 06, 2021
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2012-0955

    software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a ... Read more

    Affected Products : software-properties
    • Published: Dec. 02, 2020
    • Modified: Nov. 21, 2024

  • 5.0

    MEDIUM
    CVE-2012-0953

    A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53.... Read more

    Affected Products : display_driver
    • Published: May. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.0

    MEDIUM
    CVE-2012-0952

    A heap buffer overflow was discovered in the device control ioctl in the Linux driver for Nvidia graphics cards, which may allow an attacker to overflow 49 bytes. This issue was fixed in version 295.53.... Read more

    Affected Products : display_driver
    • Published: May. 08, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-0951

    A Memory Corruption Vulnerability exists in NVIDIA Graphics Drivers 29549 due to an unknown function in the file proc/driver/nvidia/registry.... Read more

    Affected Products : display_driver
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-0945

    whoopsie-daisy before 0.1.26: Root user can remove arbitrary files... Read more

    Affected Products : whoopsie-daisy
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-0941

    Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or ... Read more

    Affected Products : fortios
    • Published: Feb. 08, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-0877

    PyXML: Hash table collisions CPU usage Denial of Service... Read more

    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-0844

    Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar.... Read more

    Affected Products : debian_linux netsurf
    • Published: Feb. 21, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-0843

    uzbl: Information disclosure via world-readable cookies storage file... Read more

    Affected Products : debian_linux uzbl
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-0842

    surf: cookie jar has read access from other local user... Read more

    Affected Products : debian_linux surf
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-0828

    Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service (xchat client crash) or execute arbitrary code via a UTF-8 line from server containing character... Read more

    Affected Products : xchat gtk xchat-wdk
    • Published: Feb. 21, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 292819 Results