Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2010-4533

    offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies.... Read more

    Affected Products : debian_linux offlineimap
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2010-4532

    offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks.... Read more

    Affected Products : debian_linux offlineimap
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-4266

    It was found in vanilla forums before 2.0.10 a potential linkbait vulnerability in dispatcher.... Read more

    Affected Products : vanilla_forums
    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-4264

    It was found in vanilla forums before 2.0.10 a cross-site scripting vulnerability where a filename could contain arbitrary code to execute on the client side.... Read more

    Affected Products : vanilla_forums
    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-4245

    pootle 2.0.5 has XSS via 'match_names' parameter... Read more

    Affected Products : pootle
    • Published: Oct. 28, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2010-4241

    Tiki Wiki CMS Groupware 5.2 has CSRF... Read more

    Affected Products : tikiwiki_cms\/groupware
    • Published: Oct. 28, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-4240

    Tiki Wiki CMS Groupware 5.2 has XSS... Read more

    Affected Products : tikiwiki_cms\/groupware
    • Published: Oct. 28, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2010-4239

    Tiki Wiki CMS Groupware 5.2 has Local File Inclusion... Read more

    Affected Products : tikiwiki_cms\/groupware
    • Published: Oct. 28, 2019
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2010-4237

    Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.... Read more

    Affected Products : mercurial
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2010-4178

    MySQL-GUI-tools (mysql-administrator) leaks passwords into process list after with launch of mysql text console... Read more

    Affected Products : fedora mysql-gui-tools
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2010-4177

    mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the password of a user connected to the MySQL server in clear text form via the list of running processes.... Read more

    Affected Products : fedora mysql-gui-tools
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2010-3917

    Google Chrome before 3.0 does not properly handle XML documents, which allows remote attackers to obtain sensitive information via a crafted web site.... Read more

    Affected Products : chrome
    • Published: Feb. 06, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-3857

    JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID parameter.... Read more

    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2010-3844

    An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.... Read more

    Affected Products : debian_linux ettercap
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2010-3843

    The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a malic... Read more

    Affected Products : ettercap
    • Published: May. 28, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2010-3782

    obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api implementation.... Read more

    Affected Products : linux_enterprise_server obs-server
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-3674

    TYPO3 before 4.4.1 allows XSS in the frontend search box.... Read more

    Affected Products : debian_linux typo3
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2010-3673

    TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows information disclosure in the mail header of the HTML mailing API.... Read more

    Affected Products : typo3
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2010-3672

    TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase extension.... Read more

    Affected Products : typo3
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2010-3671

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 is open to a session fixation attack which allows remote attackers to hijack a victim's session.... Read more

    Affected Products : typo3
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292803 Results