Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2016-3645

    Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 ... Read more

    • EPSS Score: %75.55
    • Published: Jun. 30, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-3655

    The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to execute arbitrary OS commands via an unspecified API call.... Read more

    Affected Products : pan-os
    • EPSS Score: %1.31
    • Published: Apr. 12, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-3556

    Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to EM Integration.... Read more

    • EPSS Score: %2.56
    • Published: Jul. 21, 2016
    • Modified: May. 08, 2025

  • 10.0

    HIGH
    CVE-2016-3551

    Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXWS Web S... Read more

    Affected Products : weblogic_server fusion_middleware
    • EPSS Score: %4.00
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-3493

    Unspecified vulnerability in the Hyperion Financial Reporting component in Oracle Hyperion 11.1.2.4 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Security Models.... Read more

    Affected Products : hyperion_financial_reporting
    • EPSS Score: %3.60
    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-3487

    Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 11.1.1.8, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.... Read more

    Affected Products : webcenter_sites
    • EPSS Score: %4.89
    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-3270

    The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges... Read more

    • EPSS Score: %16.43
    • Published: Oct. 14, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-3227

    Use-after-free vulnerability in the DNS Server component in Microsoft Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Server Use After Free Vulnerability."... Read more

    Affected Products : windows_server_2012
    • EPSS Score: %22.53
    • Published: Jun. 16, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-3109

    The backend/Login/load/ script in Shopware before 5.1.5 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : shopware
    • EPSS Score: %34.59
    • Published: Apr. 21, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2016-3082

    XSLTResult in Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and 2.3.28.x before 2.3.28.1 allows remote attackers to execute arbitrary code via the stylesheet location parameter.... Read more

    Affected Products : struts
    • EPSS Score: %33.25
    • Published: Apr. 26, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2843

    Multiple unspecified vulnerabilities in Google V8 before 4.9.385.26, as used in Google Chrome before 49.0.2623.75, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.... Read more

    Affected Products : chrome v8
    • EPSS Score: %0.89
    • Published: Mar. 06, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2842

    The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to cause a denial of service (out-of-bounds write or memory co... Read more

    Affected Products : openssl
    • EPSS Score: %77.28
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2023-2825

    An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least... Read more

    Affected Products : gitlab
    • EPSS Score: %93.16
    • Published: May. 26, 2023
    • Modified: Jan. 15, 2025

  • 10.0

    HIGH
    CVE-2016-2807

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or poss... Read more

    • EPSS Score: %1.32
    • Published: Apr. 30, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2804

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : firefox firefox_esr
    • EPSS Score: %1.20
    • Published: Apr. 30, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2805

    Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : firefox firefox_esr
    • EPSS Score: %0.89
    • Published: Apr. 30, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2806

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via... Read more

    • EPSS Score: %1.32
    • Published: Apr. 30, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2343

    Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the dba account, which allows remote attackers to obtain sensitive Dental.DB patient information via SQL statements.... Read more

    Affected Products : eaglesoft
    • EPSS Score: %0.76
    • Published: Apr. 01, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2345

    Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote attackers to execute arbitrary code via a crafted string.... Read more

    Affected Products : mini_remote_control
    • EPSS Score: %53.49
    • Published: Mar. 17, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2310

    General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5.5.0 and ML810, ML3000, and ML3100 switches with firmware before 5.5.0k have hardcoded credentials, which allows remote attackers to modify configuration sett... Read more

    • EPSS Score: %0.23
    • Published: Jun. 09, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292761 Results