Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2009-5049

    WebApp JSP Snoop page XSS in jetty though 6.1.21.... Read more

    Affected Products : debian_linux jetty
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2009-5048

    Cookie Dump Servlet stored XSS vulnerability in jetty though 6.1.20.... Read more

    Affected Products : jetty
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2009-5046

    JSP Dump and Session Dump Servlet XSS in jetty before 6.1.22.... Read more

    Affected Products : debian_linux jetty
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2009-5045

    Dump Servlet information leak in jetty before 6.1.22.... Read more

    Affected Products : debian_linux jetty
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2009-5043

    burn allows file names to escape via mishandled quotation marks... Read more

    Affected Products : debian_linux burn
    • Published: Oct. 31, 2019
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2009-5042

    python-docutils allows insecure usage of temporary files... Read more

    Affected Products : debian_linux python-docutils
    • Published: Oct. 31, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2009-5041

    overkill has buffer overflow via long player names that can corrupt data on the server machine... Read more

    Affected Products : overkill
    • Published: Oct. 31, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2009-5025

    A backdoor (aka BMSA-2009-07) was found in PyForum v1.0.3 where an attacker who knows a valid user email could force a password reset on behalf of that user.... Read more

    Affected Products : pyforum
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2009-5004

    qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use .... Read more

    Affected Products : qpid-cpp
    • Published: Nov. 09, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2009-4900

    pixelpost 1.7.1 has XSS... Read more

    Affected Products : pixelpost
    • Published: Oct. 28, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2009-4899

    pixelpost 1.7.1 has SQL injection... Read more

    Affected Products : pixelpost
    • Published: Oct. 28, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2009-4267

    The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter.... Read more

    Affected Products : juddi
    • Published: Feb. 19, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2009-4123

    The jruby-openssl gem before 0.6 for JRuby mishandles SSL certificate validation.... Read more

    Affected Products : jruby-openssl
    • Published: Dec. 12, 2023
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2009-4067

    Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control ... Read more

    Affected Products : linux_kernel enterprise_linux
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2009-4011

    dtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get a bash access as xenXX user on the dom0, and then access a potentially reuse an already opened VPS console.... Read more

    Affected Products : dtc-xen
    • Published: Nov. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2009-3887

    ytnef has directory traversal... Read more

    Affected Products : ytnef
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2009-3724

    python-markdown2 before 1.0.1.14 has multiple cross-site scripting (XSS) issues.... Read more

    Affected Products : python-markdown2
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2009-3723

    asterisk allows calls on prohibited networks... Read more

    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2009-3721

    Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, cr... Read more

    Affected Products : evolution ytnef
    • Published: May. 26, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2009-3614

    liboping 1.3.2 allows users reading arbitrary files upon the local system.... Read more

    Affected Products : debian_linux liboping
    • Published: Nov. 09, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292860 Results