Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2016-9062

    Private browsing mode leaves metadata information, such as URLs, for sites visited in "browser.db" and "browser.db-wal" files within the Firefox profile after the mode is exited. Note: This issue only affects Firefox for Android. Other versions and operat... Read more

    Affected Products : android firefox
    • EPSS Score: %0.08
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-9061

    A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems a... Read more

    Affected Products : android firefox
    • EPSS Score: %0.91
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2016-9048

    Multiple exploitable SQL Injection vulnerabilities exists in ProcessMaker Enterprise Core 3.0.1.7-community. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to tr... Read more

    Affected Products : processmaker
    • EPSS Score: %0.26
    • Published: Sep. 10, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-9045

    A code execution vulnerability exists in ProcessMaker Enterprise Core 3.0.1.7-community. A specially crafted web request can cause unsafe deserialization potentially resulting in PHP code being executed. An attacker can send a crafted web parameter to tri... Read more

    Affected Products : processmaker
    • EPSS Score: %0.24
    • Published: Sep. 17, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2016-9044

    An exploitable command execution vulnerability exists in Information Builders WebFOCUS Business Intelligence Portal 8.1 . A specially crafted web parameter can cause a command injection. An authenticated attacker can send a crafted web request to trigger ... Read more

    Affected Products : webfocus
    • EPSS Score: %0.87
    • Published: Sep. 07, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-9043

    An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker c... Read more

    Affected Products : coreldraw
    • EPSS Score: %0.96
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2016-9042

    An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies f... Read more

    • EPSS Score: %2.53
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 6.2

    MEDIUM
    CVE-2016-9040

    An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a bu... Read more

    Affected Products : smartos
    • EPSS Score: %0.18
    • Published: Sep. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-9038

    An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An ... Read more

    Affected Products : invincea-x
    • EPSS Score: %0.03
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-9026

    Exponent CMS before 2.6.0 has improper input validation in fileController.php.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.61
    • Published: Dec. 31, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-9025

    Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.61
    • Published: Dec. 31, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-9023

    Exponent CMS before 2.6.0 has improper input validation in cron/find_help.php.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.61
    • Published: Dec. 31, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-9022

    Exponent CMS before 2.6.0 has improper input validation in usersController.php.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.61
    • Published: Dec. 31, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-9021

    Exponent CMS before 2.6.0 has improper input validation in storeController.php.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.61
    • Published: Dec. 31, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-8901

    b2evolution 6.7.6 suffer from an Object Injection vulnerability in /htsrv/call_plugin.php.... Read more

    Affected Products : b2evolution
    • EPSS Score: %0.62
    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-8900

    Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expTagController.php related to change_tags.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.51
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-8899

    Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expCatController.php related to change_cats.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.51
    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-8898

    Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/ecommerce/controllers/cartController.php.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.26
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-8897

    Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/controllers/helpController.php.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.26
    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-8786

    Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, S5700 V200R006C00, V200R007C00, V200R008C00, S6700 V200R008C00, S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R001C00, V200R002C... Read more

    • EPSS Score: %0.22
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291750 Results