Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, whether it appears on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 4.3

    MEDIUM
    CVE-2012-6692

    Cross-site scripting (XSS) vulnerability in js/wp-seo-metabox.js in the WordPress SEO by Yoast plugin before 2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the post_title parameter to wp-admin/post-new.php, which is n...

    Affected Products : wordpress_seo yoast_seo
    • EPSS Score: 0.62%
    • Published: Jun. 17, 2015
    • Modified: Apr. 12, 2025
  • 4.3

    MEDIUM
    CVE-2015-4550

    The Cavium cryptographic-module firmware on Cisco Adaptive Security Appliance (ASA) devices with software 9.3(3) and 9.4(1.1) does not verify the AES-GCM Integrity Check Value (ICV) octets, which makes it easier for man-in-the-middle attackers to spoof IP...

    • EPSS Score: 0.50%
    • Published: Jun. 17, 2015
    • Modified: Apr. 12, 2025
  • 4.3

    MEDIUM
    CVE-2015-4190

    Cisco Cloud Portal in Cisco Prime Service Catalog 9.4.1_vortex on Cloud Portal appliances allows man-in-the-middle attackers to modify data via unspecified vectors, aka Bug ID CSCuh19683.

    Affected Products : prime_service_catalog
    • EPSS Score: 0.29%
    • Published: Jun. 17, 2015
    • Modified: Apr. 12, 2025
  • 5.0

    MEDIUM
    CVE-2015-4188

    SQL injection vulnerability in the Manager interface in Cisco Prime Collaboration 10.5(1) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug IDs CSCuu29910, CSCuu29928, and CSCuu59104.

    Affected Products : prime_collaboration
    • EPSS Score: 0.28%
    • Published: Jun. 17, 2015
    • Modified: Apr. 12, 2025
  • 7.2

    HIGH
    CVE-2015-4186

    The diagnostics subsystem in the administrative web interface on Cisco Virtualization Experience (aka VXC) Client 6215 devices with firmware 11.2(27.4) allows local users to gain privileges for OS command execution via a crafted option value, aka Bug ID C...

    • EPSS Score: 0.14%
    • Published: Jun. 17, 2015
    • Modified: Apr. 12, 2025
  • 7.2

    HIGH
    CVE-2015-4183

    Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution via a crafted CLI parameter, aka Bug ID CSCut32795.

    • EPSS Score: 0.14%
    • Published: Jun. 17, 2015
    • Modified: Apr. 12, 2025
  • 4.6

    MEDIUM
    CVE-2015-3318

    CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for ...

    • EPSS Score: 0.06%
    • Published: Jun. 17, 2015
    • Modified: Apr. 12, 2025
  • 4.6

    MEDIUM
    CVE-2015-3317

    CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for ...

    • EPSS Score: 0.06%
    • Published: Jun. 17, 2015
    • Modified: Apr. 12, 2025
  • 4.6

    MEDIUM
    CVE-2015-3316

    CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for ...

    • EPSS Score: 0.07%
    • Published: Jun. 17, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-0546

    EMC Unified Infrastructure Manager/Provisioning (UIM/P) 4.1 allows remote attackers to bypass LDAP authentication by providing a valid account name.

    • EPSS Score: 3.41%
    • Published: Jun. 17, 2015
    • Modified: Apr. 12, 2025
  • 5.8

    MEDIUM
    CVE-2015-4398

    Open redirect vulnerability in the Chaos tool suite (ctools) module before 6.x-1.12 and 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors involving proce...

    Affected Products : ctools
    • EPSS Score: 0.48%
    • Published: Jun. 16, 2015
    • Modified: Apr. 12, 2025
  • 3.5

    LOW
    CVE-2015-4374

    Cross-site scripting (XSS) vulnerability in the Webform module before 6.x-3.23, 7.x-3.x before 7.x-3.23, and 7.x-4.x before 7.x-4.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a componen...

    Affected Products : webform
    • EPSS Score: 0.25%
    • Published: Jun. 16, 2015
    • Modified: Apr. 12, 2025
  • 6.5

    MEDIUM
    CVE-2015-4613

    SQL injection vulnerability in the backend module in the Developer Log (devlog) extension before 2.11.4 for TYPO3 allows remote editors to execute arbitrary SQL commands via unspecified vectors.

    Affected Products : developer_log
    • EPSS Score: 0.26%
    • Published: Jun. 16, 2015
    • Modified: Apr. 12, 2025
  • 6.5

    MEDIUM
    CVE-2015-4612

    SQL injection vulnerability in the "FAQ - Frequently Asked Questions" (js_faq) extension before 1.2.1 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

    Affected Products : faq-frequently_asked_questions
    • EPSS Score: 0.35%
    • Published: Jun. 16, 2015
    • Modified: Apr. 12, 2025
  • 6.5

    MEDIUM
    CVE-2015-4611

    SQL injection vulnerability in the Smoelenboek (ncgov_smoelenboek) extension before 1.0.9 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

    Affected Products : smoelenboek
    • EPSS Score: 0.35%
    • Published: Jun. 16, 2015
    • Modified: Apr. 12, 2025
  • 6.5

    MEDIUM
    CVE-2015-4610

    SQL injection vulnerability in the Store Locator (locator) extension before 3.3.1 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

    Affected Products : store_locator
    • EPSS Score: 0.35%
    • Published: Jun. 16, 2015
    • Modified: Apr. 12, 2025
  • 6.5

    MEDIUM
    CVE-2015-4609

    SQL injection vulnerability in the wt_directory extension before 1.4.2 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

    Affected Products : wt_directory
    • EPSS Score: 0.35%
    • Published: Jun. 16, 2015
    • Modified: Apr. 12, 2025
  • 3.5

    LOW
    CVE-2015-4608

    Cross-site scripting (XSS) vulnerability in the BE User Log (beko_beuserlog) extension 1.1.1 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

    Affected Products : be_user_log
    • EPSS Score: 0.18%
    • Published: Jun. 16, 2015
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2015-4607

    Unrestricted file upload vulnerability in the Frontend User Upload (feupload) extension 0.5.0 and earlier for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension using a frontend form, then accessing it...

    Affected Products : frontend_user_upload
    • EPSS Score: 1.62%
    • Published: Jun. 16, 2015
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2015-4606

    Unrestricted file upload vulnerability in the Job Fair (jobfair) extension before 1.0.1 for TYPO3, when using Apache with mod_mime, allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a...

    Affected Products : job_fair
    • EPSS Score: 1.70%
    • Published: Jun. 16, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 290983 Results