Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2012-0952

    A heap buffer overflow was discovered in the device control ioctl in the Linux driver for Nvidia graphics cards, which may allow an attacker to overflow 49 bytes. This issue was fixed in version 295.53.... Read more

    Affected Products : display_driver
    • Published: May. 08, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-0951

    A Memory Corruption Vulnerability exists in NVIDIA Graphics Drivers 29549 due to an unknown function in the file proc/driver/nvidia/registry.... Read more

    Affected Products : display_driver
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-0945

    whoopsie-daisy before 0.1.26: Root user can remove arbitrary files... Read more

    Affected Products : whoopsie-daisy
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-0941

    Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or ... Read more

    Affected Products : fortios
    • Published: Feb. 08, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-0877

    PyXML: Hash table collisions CPU usage Denial of Service... Read more

    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-0844

    Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar.... Read more

    Affected Products : debian_linux netsurf
    • Published: Feb. 21, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-0843

    uzbl: Information disclosure via world-readable cookies storage file... Read more

    Affected Products : debian_linux uzbl
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-0842

    surf: cookie jar has read access from other local user... Read more

    Affected Products : debian_linux surf
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-0828

    Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service (xchat client crash) or execute arbitrary code via a UTF-8 line from server containing character... Read more

    Affected Products : xchat gtk xchat-wdk
    • Published: Feb. 21, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-0824

    gnusound 0.7.5 has format string issue... Read more

    Affected Products : gnusound
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2012-0812

    PostfixAdmin 2.3.4 has multiple XSS vulnerabilities... Read more

    Affected Products : debian_linux postfix_admin
    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-0810

    The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention.... Read more

    Affected Products : linux_kernel
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2012-0785

    Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Has... Read more

    Affected Products : jenkins jenkins
    • Published: Feb. 24, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-0771

    Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0759.... Read more

    Affected Products : shockwave_player
    • Published: Feb. 19, 2018
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2012-0718

    IBM Tivoli Endpoint Manager 8 does not set the HttpOnly flag on cookies.... Read more

    Affected Products : tivoli_endpoint_manager
    • Published: Feb. 18, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2012-0699

    Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add news via an add action to familynews.php or (2... Read more

    Affected Products : family_connections_cms
    • Published: Jan. 11, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-0694

    SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote attackers to execute arbitrary PHP code.... Read more

    Affected Products : sugarcrm
    • Published: Oct. 29, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-0433

    The install-chef-suse.sh script shipped with crowbar before 2012-10-02 is creating files containing confidential data with insecure permissions, allowing local users to read confidential data.... Read more

    Affected Products : crowbar
    • Published: Jun. 08, 2018
    • Modified: Nov. 21, 2024

  • 6.4

    MEDIUM
    CVE-2012-0334

    Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks... Read more

    Affected Products : ironport_web_security_appliance
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2012-0070

    spamdyke prior to 4.2.1: STARTTLS reveals plaintext... Read more

    Affected Products : spamdyke
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 293284 Results