Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.6

    MEDIUM
    CVE-2014-6518

    Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to Unix File System (UFS).... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.04
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2014-6514

    Unspecified vulnerability in the PL/SQL component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via unknown vectors.... Read more

    Affected Products : database_server
    • EPSS Score: %0.19
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2014-6510

    Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Power Management Utility.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.04
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 4.9

    MEDIUM
    CVE-2014-6509

    Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability via unknown vectors related to Kernel.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.04
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2014-6481

    Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect confidentiality via vectors related to KSSL.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.25
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2014-6480

    Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to System management.... Read more

    • EPSS Score: %0.25
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2014-4279

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 allows remote authenticated users to affect integrity via vectors related to PIA Core Technology.... Read more

    Affected Products : peoplesoft_products
    • EPSS Score: %0.15
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2014-4259

    Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to System management.... Read more

    • EPSS Score: %0.53
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2014-0191

    The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of w... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %1.31
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-1201

    Privoxy before 3.0.22 allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.... Read more

    Affected Products : privoxy
    • EPSS Score: %0.47
    • Published: Jan. 20, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-1030

    Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy before 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests that are rejected because the socket limit is reached.... Read more

    Affected Products : privoxy
    • EPSS Score: %0.54
    • Published: Jan. 20, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-9494

    RabbitMQ before 3.4.0 allows remote attackers to bypass the loopback_users restriction via a crafted X-Forwareded-For header.... Read more

    Affected Products : rabbitmq
    • EPSS Score: %0.39
    • Published: Jan. 20, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-9491

    The devzvol_readdir function in illumos does not check the return value of a strchr call, which allows remote attackers to cause a denial of service (NULL pointer dereference and panic) via unspecified vectors.... Read more

    Affected Products : illumos
    • EPSS Score: %0.82
    • Published: Jan. 20, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-9490

    The numtok function in lib/raven/okjson.rb in the raven-ruby gem before 0.12.2 for Ruby allows remote attackers to cause a denial of service via a large exponent value in a scientific number.... Read more

    Affected Products : raven-ruby
    • EPSS Score: %0.73
    • Published: Jan. 20, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-9330

    Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) via crafted BMP image, related to dimensions, which triggers an out-of-bounds read.... Read more

    Affected Products : libtiff
    • EPSS Score: %1.17
    • Published: Jan. 20, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-8790

    XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 through 3.3.x before 3.3.5 Beta 1, when in certain configurations, allows remote attackers to read arbitrary files via the data parameter.... Read more

    Affected Products : getsimple_cms getsimple_cms
    • EPSS Score: %0.66
    • Published: Jan. 20, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2014-8625

    Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or... Read more

    Affected Products : dpkg
    • EPSS Score: %2.46
    • Published: Jan. 20, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-8386

    Multiple stack-based buffer overflows in Advantech AdamView 4.3 and earlier allow remote attackers to execute arbitrary code via a crafted (1) display properties or (2) conditional bitmap parameter in a GNI file.... Read more

    Affected Products : adamview
    • EPSS Score: %27.88
    • Published: Jan. 20, 2015
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2015-0973

    Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.... Read more

    Affected Products : libpng mac_os_x solaris
    • EPSS Score: %2.01
    • Published: Jan. 18, 2015
    • Modified: Jun. 09, 2025

  • 3.5

    LOW
    CVE-2015-0862

    Multiple cross-site scripting (XSS) vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) message details when a message is unqueued, such as... Read more

    Affected Products : rabbitmq_management
    • EPSS Score: %0.18
    • Published: Jan. 18, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291601 Results