Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2016-6343

    JBoss BPM Suite 6 is vulnerable to a reflected XSS via dashbuilder. Remote attackers can entice authenticated users that have privileges to access dashbuilder (usually admins) to click on links to /dashbuilder/Controller containing malicious scripts. Succ... Read more

    Affected Products : jboss_bpm_suite
    • EPSS Score: %0.38
    • Published: Oct. 31, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2016-6328

    A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' privat... Read more

    Affected Products : ubuntu_linux debian_linux libexif
    • EPSS Score: %1.16
    • Published: Oct. 31, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-6272

    XPath injection vulnerability in Epic MyChart allows remote attackers to access contents of an XML document containing static display strings, such as field labels, via the topic parameter to help.asp. NOTE: this was originally reported as a SQL injection... Read more

    Affected Products : mychart
    • EPSS Score: %12.86
    • Published: Feb. 20, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-6217

    Cross-site scripting (XSS) vulnerability in Sophos PureMessage for UNIX before 6.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : linux_kernel puremessage
    • EPSS Score: %0.10
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-6169

    Heap-based buffer overflow in Foxit Reader and PhantomPDF 7.3.4.311 and earlier on Windows allows remote attackers to cause a denial of service (memory corruption and application crash) or potentially execute arbitrary code via the Bezier data in a crafte... Read more

    Affected Products : foxit_reader phantompdf
    • EPSS Score: %0.38
    • Published: Feb. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-6168

    Use-after-free vulnerability in Foxit Reader and PhantomPDF 7.3.4.311 and earlier on Windows allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a crafted PDF file.... Read more

    Affected Products : foxit_reader phantompdf
    • EPSS Score: %0.35
    • Published: Feb. 07, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-6154

    The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).... Read more

    Affected Products : fireware windows
    • EPSS Score: %0.29
    • Published: Aug. 23, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-5819

    Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user’s browser ... Read more

    • EPSS Score: %0.18
    • Published: Mar. 21, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-5800

    A malicious attacker can trigger a remote buffer overflow in the Communication Server in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0.... Read more

    • EPSS Score: %0.36
    • Published: Mar. 21, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-5724

    Cloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles.... Read more

    Affected Products : cdh
    • EPSS Score: %0.40
    • Published: Nov. 26, 2019
    • Modified: Nov. 21, 2024

  • 4.6

    MEDIUM
    CVE-2016-5710

    NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors.... Read more

    Affected Products : snap_creator_framework
    • EPSS Score: %0.14
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-5649

    A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. When processed, ... Read more

    • EPSS Score: %75.11
    • Published: Jul. 24, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-5638

    There are few web pages associated with the genie app on the Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877. Genie app adds some capabilities over the Web GUI and can be accessed even when you are away from home. A remote attacker can access... Read more

    Affected Products : wndr4500_firmware wndr4500
    • EPSS Score: %1.27
    • Published: Jul. 24, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-5431

    The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens.... Read more

    Affected Products : php_jose
    • EPSS Score: %0.10
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2016-5402

    A code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker with access to the capacity and utilization feature could use this flaw to execute arbitrary code as the user CFME r... Read more

    • EPSS Score: %3.22
    • Published: Oct. 31, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2016-5397

    The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0.... Read more

    Affected Products : thrift
    • EPSS Score: %7.81
    • Published: Feb. 12, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-5346

    An Information Disclosure vulnerability exists in the Google Pixel/Pixel SL Qualcomm Avtimer Driver due to a NULL pointer dereference when processing an accept system call by the user process on AF_MSM_IPC sockets, which could let a local malicious user o... Read more

    Affected Products : android pixel pixel_xl
    • EPSS Score: %0.10
    • Published: Jan. 08, 2020
    • Modified: Nov. 21, 2024

  • 7.0

    HIGH
    CVE-2016-5345

    Buffer overflow in the Qualcomm radio driver in Android before 2017-01-05 on Android One devices allows local users to gain privileges via a crafted application, aka Android internal bug 32639452 and Qualcomm internal bug CR1079713.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Jan. 23, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-5314

    Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by o... Read more

    • EPSS Score: %1.16
    • Published: Mar. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-5311

    A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Prot... Read more

    • EPSS Score: %0.29
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291672 Results