Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2010-4817

    pithos before 0.3.5 allows overwrite of arbitrary files via symlinks.... Read more

    Affected Products : debian_linux pithos
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2010-4816

    It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service.... Read more

    Affected Products : openbsd openbsd
    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2010-4815

    Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code execution.... Read more

    Affected Products : coppermine_gallery
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2010-4664

    In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session.... Read more

    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-4662

    PmWiki before 2.2.21 has XSS.... Read more

    Affected Products : pmwiki
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2010-4661

    udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.... Read more

    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2010-4660

    Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes..... Read more

    Affected Products : statusnet
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-4659

    Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents.... Read more

    Affected Products : statusnet
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2010-4658

    statusnet through 2010 allows attackers to spoof syslog messages via newline injection attacks.... Read more

    Affected Products : statusnet
    • Published: Feb. 07, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2010-4657

    PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.... Read more

    Affected Products : enterprise_linux debian_linux php
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-4654

    poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack.... Read more

    Affected Products : debian_linux poppler
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2010-4653

    An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.... Read more

    Affected Products : debian_linux poppler
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2010-4533

    offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies.... Read more

    Affected Products : debian_linux offlineimap
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2010-4532

    offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks.... Read more

    Affected Products : debian_linux offlineimap
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-4266

    It was found in vanilla forums before 2.0.10 a potential linkbait vulnerability in dispatcher.... Read more

    Affected Products : vanilla_forums
    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-4264

    It was found in vanilla forums before 2.0.10 a cross-site scripting vulnerability where a filename could contain arbitrary code to execute on the client side.... Read more

    Affected Products : vanilla_forums
    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-4245

    pootle 2.0.5 has XSS via 'match_names' parameter... Read more

    Affected Products : pootle
    • Published: Oct. 28, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2010-4241

    Tiki Wiki CMS Groupware 5.2 has CSRF... Read more

    Affected Products : tikiwiki_cms\/groupware
    • Published: Oct. 28, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-4240

    Tiki Wiki CMS Groupware 5.2 has XSS... Read more

    Affected Products : tikiwiki_cms\/groupware
    • Published: Oct. 28, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2010-4239

    Tiki Wiki CMS Groupware 5.2 has Local File Inclusion... Read more

    Affected Products : tikiwiki_cms\/groupware
    • Published: Oct. 28, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292795 Results