Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2016-8611

    A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.... Read more

    Affected Products : glance
    • EPSS Score: %0.54
    • Published: Jul. 31, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2016-8609

    It was found that the keycloak before 2.3.0 did not implement authentication flow correctly. An attacker could use this flaw to construct a phishing URL, from which he could hijack the user's session. This could lead to information disclosure, or permit f... Read more

    Affected Products : keycloak
    • EPSS Score: %0.16
    • Published: Aug. 01, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-8608

    JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, w... Read more

    • EPSS Score: %0.18
    • Published: Aug. 01, 2018
    • Modified: Nov. 21, 2024

  • 3.5

    LOW
    CVE-2016-8535

    A remote HTTP parameter Pollution vulnerability in HPE Matrix Operating Environment version 7.6 was found.... Read more

    Affected Products : matrix_operating_environment
    • EPSS Score: %0.24
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-8534

    A remote privilege elevation vulnerability in HPE Matrix Operating Environment version 7.6 was found.... Read more

    Affected Products : matrix_operating_environment
    • EPSS Score: %0.53
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-8533

    A remote priviledge escalation vulnerability in HPE Matrix Operating Environment version 7.6 was found.... Read more

    Affected Products : matrix_operating_environment
    • EPSS Score: %0.53
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-8532

    A cross site scripting vulnerability in HPE Matrix Operating Environment version 7.6 was found.... Read more

    Affected Products : matrix_operating_environment
    • EPSS Score: %0.30
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2016-8531

    A remote information disclosure vulnerability in HPE Matrix Operating Environment version 7.6 was found.... Read more

    Affected Products : matrix_operating_environment
    • EPSS Score: %0.55
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-8530

    A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %8.06
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2016-8529

    A Remote Arbitrary Command Execution vulnerability in HPE StoreVirtual 4000 Storage and StoreVirtual VSA Software running LeftHand OS version v12.5 and earlier was found. The problem was resolved in LeftHand OS v12.6 or any subsequent version.... Read more

    Affected Products : lefthand
    • EPSS Score: %2.17
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-8528

    A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found.... Read more

    Affected Products : eucalyptus
    • EPSS Score: %2.42
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-8527

    Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to a reflected cross-site scripting (XSS). The vulnerability is present in the VisualRF component of AirWave. By exploiting this vulnerability, an attacker who can trick a logged-i... Read more

    Affected Products : airwave
    • EPSS Score: %56.32
    • Published: Aug. 06, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-8526

    Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external entities (XXE). XXEs are a way to permit XML parsers to access storage that exist on external systems. If an unprivileged user is permitted to control the conten... Read more

    Affected Products : airwave
    • EPSS Score: %13.18
    • Published: Aug. 06, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-8525

    A Remote Disclosure of Information vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %6.83
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2016-8523

    A Remote Arbitrary Code Execution vulnerability in HPE Smart Storage Administrator version before v2.60.18.0 was found.... Read more

    Affected Products : smart_storage_administrator
    • EPSS Score: %36.78
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-8522

    A cross-site scripting vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found.... Read more

    Affected Products : diagnostics
    • EPSS Score: %0.27
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-8521

    A Remote click jacking vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found.... Read more

    Affected Products : diagnostics
    • EPSS Score: %1.17
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-8520

    HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user's permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data.... Read more

    Affected Products : eucalyptus
    • EPSS Score: %0.48
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-8519

    A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.... Read more

    Affected Products : operations_orchestration
    • EPSS Score: %60.33
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-8518

    A remote denial of service vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found.... Read more

    Affected Products : systems_insight_manager
    • EPSS Score: %6.01
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291712 Results