Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.0

    HIGH
    CVE-2011-2538

    Cisco Video Communications Server (VCS) before X7.0.3 contains a command injection vulnerability which allows remote, authenticated attackers to execute arbitrary commands.... Read more

    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-2523

    vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.... Read more

    Affected Products : debian_linux vsftpd
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2011-2515

    PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.... Read more

    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2011-2499

    Mambo CMS through 4.6.5 has multiple XSS.... Read more

    Affected Products : mambo_cms
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2011-2498

    The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: Feb. 20, 2020
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2011-2487

    The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.... Read more

    • Published: Mar. 11, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2011-2480

    Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to cop... Read more

    Affected Products : freebsd netbsd
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2011-2353

    Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function.... Read more

    Affected Products : chrome blink
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2011-2343

    The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain contact information via an AT phonebook transfer.... Read more

    Affected Products : android
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-2337

    A wrong type is used for a return value from strlen in WebKit in Google Chrome before Blink M12 on 64-bit platforms.... Read more

    Affected Products : blink
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2011-2336

    An issue exists in WebKit in Google Chrome before Blink M12. when clearing lists in AnimationControllerPrivate that signal when a hardware animation starts.... Read more

    Affected Products : chrome blink
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2011-2335

    A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function.... Read more

    Affected Products : chrome blink
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2011-2334

    Use after free vulnerability exists in WebKit in Google Chrome before Blink M12 in RenderLayerwhen removing elements with reflections.... Read more

    Affected Products : chrome blink
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2011-2207

    dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate.... Read more

    Affected Products : enterprise_linux debian_linux gnupg
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-2195

    A flaw was found in WebSVN 2.3.2. Without prior authentication, if the 'allowDownload' option is enabled in config.php, an attacker can invoke the dl.php script and pass a well formed 'path' argument to execute arbitrary commands against the underlying op... Read more

    Affected Products : websvn
    • Published: Oct. 26, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2011-2187

    xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank Only Mode and when DPMS is disabled, which allows local attackers to access resources without authentication.... Read more

    Affected Products : debian_linux xscreensaver
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2011-2177

    OpenOffice.org v3.3 allows execution of arbitrary code with the privileges of the user running the OpenOffice.org suite tools.... Read more

    Affected Products : openoffice
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2011-2054

    A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is left blank, providing the primary credentials are corre... Read more

    • Published: Feb. 19, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2011-1939

    SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when using non-ASCII-compatible encodings in conjunction PDO_MySql in PHP before 5.3.6.... Read more

    Affected Products : debian_linux php zend_framework
    • Published: Nov. 26, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2011-1934

    lilo-uuid-diskid causes lilo.conf to be world-readable in lilo 23.1.... Read more

    Affected Products : debian_linux lilo
    • Published: Nov. 26, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292835 Results