Latest CVE Feed
-
10.0
HIGH CVE-2016-2071
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, and 10.5.e before Build 59.1305.e allows remote attackers to gain privileges via unspecified NS Web GUI commands.
- EPSS Score: 2.74%
- Published: Feb. 17, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGH CVE-2016-1984
The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerabil...
- Affected Products: amx_firmware
- EPSS Score: 4.08%
- Published: Jan. 22, 2016
- Modified: Apr. 12, 2025
-
10.0
CRITICAL CVE-2016-20010
EWWW Image Optimizer before 2.8.5 allows remote command execution because it relies on a protection mechanism involving boolval, which is unavailable before PHP 5.5.
- Affected Products: image_optimizer
- EPSS Score: 6.83%
- Published: May. 05, 2021
- Modified: Nov. 21, 2024
-
10.0
HIGH CVE-2016-1995
HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors.
- Affected Products: system_management_homepage
- EPSS Score: 16.41%
- Published: Mar. 18, 2016
- Modified: Apr. 12, 2025
-
10.0
CRITICAL CVE-2016-1985
HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
- EPSS Score: 3.23%
- Published: Jan. 30, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGH CVE-2016-1999
The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
- Affected Products: release_control
- EPSS Score: 3.23%
- Published: May. 30, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGH CVE-2016-1906
Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.
- EPSS Score: 1.60%
- Published: Feb. 03, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGH CVE-2016-1909
Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for th...
- Affected Products: fortios
- EPSS Score: 79.71%
- Published: Jan. 15, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGH CVE-2016-1989
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988.
- Affected Products: network_automation
- EPSS Score: 13.50%
- Published: Mar. 15, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGH CVE-2022-31800
An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.
- EPSS Score: 1.98%
- Published: Jun. 21, 2022
- Modified: Nov. 21, 2024
-
10.0
HIGH CVE-2016-1662
extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unsp...
- EPSS Score: 15.29%
- Published: May. 14, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGH CVE-2016-1642
Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
- Affected Products: chrome
- EPSS Score: 1.75%
- Published: Mar. 06, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGH CVE-2016-1629
Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy and a sandbox protection mechanism via unspecified vectors.
- EPSS Score: 3.09%
- Published: Feb. 21, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGH CVE-2016-1560
ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or ...
- Affected Products: ex3000_firmware ex5000_firmware ex7000_firmware ex10000e_firmware ex13000e_firmware ex21000e_firmware ex32000e_firmware ex40000e_firmware ex3000 ex5000 +6 more products
- EPSS Score: 81.67%
- Published: Apr. 21, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGH CVE-2016-1555
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute...
- Affected Products: wnap320_firmware wn604_firmware wndap660_firmware wndap350_firmware wndap360_firmware wndap210v2_firmware wn802tv2_firmware wnap320 wndap350 wndap360 +4 more products
- Actively Exploited
- EPSS Score: 94.12%
- Published: Apr. 21, 2017
- Modified: Apr. 20, 2025
-
10.0
CRITICAL CVE-2016-1505
The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore.
- EPSS Score: 1.35%
- Published: Feb. 03, 2016
- Modified: Apr. 12, 2025
-
10.0
CRITICAL CVE-2024-39911
1Panel is a web-based Linux server management control panel. 1Panel contains an unspecified SQL injection via User-Agent handling. This issue has been addressed in version 1.10.12-lts. Users are advised to upgrade. There are no known workarounds for this ...
- Affected Products: 1panel
- Published: Jul. 18, 2024
- Modified: Nov. 21, 2024
-
10.0
HIGH CVE-2022-24292
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.
- Affected Products: laserjet_pro_m304-m305_w1a46a_firmware laserjet_pro_m304-m305_w1a47a_firmware laserjet_pro_m304-m305_w1a48a_firmware laserjet_pro_m304-m305_w1a66a_firmware laserjet_pro_m404-m405_93m22a_firmware laserjet_pro_m453-m454_w1y40a_firmware laserjet_pro_m453-m454_w1y41a_firmware laserjet_pro_m453-m454_w1y43a_firmware laserjet_pro_m453-m454_w1y44a_firmware laserjet_pro_m453-m454_w1y45a_firmware +126 more products
- EPSS Score: 8.52%
- Published: Mar. 23, 2022
- Modified: Nov. 21, 2024
-
10.0
HIGH CVE-2016-1503
dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of servic...
- EPSS Score: 7.14%
- Published: Apr. 18, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGH CVE-2022-2274
The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will h...
- Affected Products: h410c_firmware snapcenter openssl h300s_firmware h500s_firmware h700s_firmware h410s_firmware h300s h410s h500s +2 more products
- EPSS Score: 52.02%
- Published: Jul. 01, 2022
- Modified: Nov. 21, 2024