Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2015-0503

    Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.... Read more

    Affected Products : mysql
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-0271

    The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard (horizon) allows remote attackers to read arbitrary files via a crafted path.... Read more

    Affected Products : openstack
    • Published: Mar. 10, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2020-4803

    IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189535.... Read more

    Affected Products : edge_application_manager
    • Published: Sep. 23, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2024-33883

    The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection.... Read more

    Affected Products :
    • Published: Apr. 28, 2024
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2015-0169

    IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to inject arguments via unspecified vectors.... Read more

    Affected Products : security_siteprotector_system
    • Published: May. 25, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2016-0823

    The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721... Read more

    Affected Products : android linux_kernel
    • Published: Mar. 12, 2016
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2021-2308

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple... Read more

    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2015-6413

    Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated users to bypass intended read-only restrictions and upload Tandberg Linux Package (TLP) files by visiting an administrative page, aka Bug ID CSCuw55651.... Read more

    • Published: Dec. 13, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-8374

    fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2017-3318

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high priv... Read more

    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025

  • 4.0

    MEDIUM
    CVE-2016-0562

    Unspecified vulnerability in the Oracle Common Applications component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via vectors related to CRM User Management Framework.... Read more

    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-5217

    providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider (SP) owner, which allows remote authenticated users to cause a denial of service via a du... Read more

    Affected Products : ipsilon
    • Published: Nov. 17, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-5435

    Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors.... Read more

    • Published: Sep. 30, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2017-3317

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker... Read more

    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025

  • 4.0

    MEDIUM
    CVE-2016-0503

    Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0504.... Read more

    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2016-0531

    Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Oracle Diagnostics Interfaces.... Read more

    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2016-0587

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing.... Read more

    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2024-3138

    ** DISPUTED ** A vulnerability was found in francoisjacquet RosarioSIS 11.5.1. It has been rated as problematic. This issue affects some unknown processing of the component Add Portal Note. The manipulation leads to cross site scripting. The attack may be... Read more

    • Published: Apr. 01, 2024
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2015-4752

    Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.... Read more

    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2016-0596

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.... Read more

    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 293620 Results