Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2016-8484

    An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823575.... Read more

    Affected Products : android
    • EPSS Score: %0.58
    • Published: Apr. 04, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-8482

    An elevation of privilege vulnerability in the NVIDIA GPU driver. Product: Android. Versions: Android kernel. Android ID: A-31799863. References: N-CVE-2016-8482.... Read more

    Affected Products : android
    • EPSS Score: %0.03
    • Published: Apr. 05, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-8390

    An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper Disassembler 3.11.20. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds w... Read more

    Affected Products : hopper_disassembler
    • EPSS Score: %0.19
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-8384

    An exploitable heap corruption vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter.... Read more

    Affected Products : marklogic
    • EPSS Score: %0.21
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-8383

    An exploitable heap corruption vulnerability exists in the Doc_GetFontTable functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide maliciou... Read more

    Affected Products : marklogic
    • EPSS Score: %0.24
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-8382

    An exploitable heap corruption vulnerability exists in the Doc_SetSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send a malicious doc fi... Read more

    Affected Products : marklogic
    • EPSS Score: %0.37
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-8380

    The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.... Read more

    Affected Products : ilc_plcs_firmware ilc_plcs
    • EPSS Score: %24.34
    • Published: Apr. 05, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-8371

    The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.... Read more

    Affected Products : ilc_plcs_firmware ilc_plcs
    • EPSS Score: %24.34
    • Published: Apr. 05, 2018
    • Modified: Nov. 21, 2024

  • 7.3

    HIGH
    CVE-2016-8366

    Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clea... Read more

    Affected Products : ilc_plcs_firmware ilc_plcs
    • EPSS Score: %11.60
    • Published: Apr. 05, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-8365

    OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit (SDK) versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versi... Read more

    • EPSS Score: %0.11
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-8220

    Pivotal Gemfire for PCF, versions 1.6.x prior to 1.6.5.0 and 1.7.x prior to 1.7.1.0, contain an information disclosure vulnerability. The application inadvertently exposed WAN replication credentials at a public route.... Read more

    Affected Products : gemfire
    • EPSS Score: %0.32
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-7576

    In iOS before 9.3.3, a memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.17
    • Published: Jan. 11, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-7550

    asterisk 13.10.0 is affected by: denial of service issues in asterisk. The impact is: cause a denial of service (remote).... Read more

    Affected Products : asterisk
    • EPSS Score: %0.12
    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-7524

    coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.... Read more

    Affected Products : imagemagick
    • EPSS Score: %0.98
    • Published: Feb. 06, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-7523

    coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.... Read more

    Affected Products : imagemagick
    • EPSS Score: %0.36
    • Published: Feb. 06, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-7475

    Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic Management Microkernel (TMM) may not properly clean-up pool member network connections when using SPDY or HTTP/2 virtual server profiles.... Read more

    • EPSS Score: %0.65
    • Published: Oct. 08, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-7472

    F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request.... Read more

    • EPSS Score: %9.12
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-7443

    Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location."... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.93
    • Published: Mar. 07, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-7404

    OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL certificates, they allow full API access, though and can be used to perform any API operation t... Read more

    Affected Products : magnum
    • EPSS Score: %2.86
    • Published: Jun. 21, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-7398

    A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl-http extension 3.1.0beta2 (PHP 7) and earlier as well as 2.6.0beta2 (PHP 5) and earlier allows attackers to crash PHP and possibly execute arbitrary code via c... Read more

    Affected Products : ext-http
    • EPSS Score: %5.72
    • Published: Sep. 06, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291641 Results