Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2016-8899

    Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expCatController.php related to change_cats.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.51
    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-8898

    Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/ecommerce/controllers/cartController.php.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.26
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-8897

    Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/controllers/helpController.php.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.26
    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-8786

    Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, S5700 V200R006C00, V200R007C00, V200R008C00, S6700 V200R008C00, S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R001C00, V200R002C... Read more

    • EPSS Score: %0.22
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2016-8785

    Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00 have an input validation vulnerability. Due to the lack of input validation, an attacker may craft a malfor... Read more

    • EPSS Score: %0.10
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2016-8784

    Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices. When the values of some para... Read more

    • EPSS Score: %0.07
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-8783

    Touchscreen drive in Huawei H60 (Honor 6) Versions earlier than H60-L02_6.12.16 and P9 Plus Versions earlier than VIE-AL10BC00B356 has a stack overflow vulnerabilities. An attacker tricks a user into installing a malicious application on the smart phone, ... Read more

    • EPSS Score: %0.06
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2016-8782

    Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices repeatedly. Due to improper v... Read more

    • EPSS Score: %0.13
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-8750

    Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.... Read more

    Affected Products : karaf
    • EPSS Score: %1.51
    • Published: Feb. 19, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-8742

    The Windows installer that the Apache CouchDB team provides was vulnerable to local privilege escalation. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for t... Read more

    Affected Products : couchdb windows
    • EPSS Score: %0.44
    • Published: Feb. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-8732

    Multiple security flaws exists in InvProtectDrv.sys which is a part of Invincea Dell Protected Workspace 5.1.1-22303. Weak restrictions on the driver communication channel and additional insufficient checks allow any application to turn off some of the pr... Read more

    Affected Products : invincea_dell_protected_workspace
    • EPSS Score: %0.06
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-8730

    An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An ... Read more

    Affected Products : coreldraw_photo_paint_x8
    • EPSS Score: %0.20
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-8729

    An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can speci... Read more

    Affected Products : mupdf
    • EPSS Score: %0.53
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2016-8728

    An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading ... Read more

    Affected Products : mupdf
    • EPSS Score: %0.59
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2016-8717

    An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged (root) account with hard-coded credentials, giving attacke... Read more

    Affected Products : awk-3131a_firmware awk-3131a
    • EPSS Score: %0.37
    • Published: Apr. 02, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-8657

    It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group (root:jboss, 664). On systems using classic /etc/init.d init ... Read more

    • EPSS Score: %0.06
    • Published: Jul. 31, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-8656

    Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation.... Read more

    • EPSS Score: %0.06
    • Published: May. 22, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-8654

    A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected.... Read more

    • EPSS Score: %0.23
    • Published: Aug. 01, 2018
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2016-8653

    It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the credentials passed to it. An attacker could use this flaw to launch a denial of service attack.... Read more

    Affected Products : jboss_fuse jboss_a-mq
    • EPSS Score: %0.34
    • Published: Aug. 01, 2018
    • Modified: Nov. 21, 2024

  • 3.5

    LOW
    CVE-2016-8651

    An input validation flaw was found in the way OpenShift 3 handles requests for images. A user, with a copy of the manifest associated with an image, can pull an image even if they do not have access to the image normally, resulting in the disclosure of an... Read more

    • EPSS Score: %0.24
    • Published: Aug. 01, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291401 Results