Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2016-4983

    A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.... Read more

    Affected Products : enterprise_linux leap opensuse dovecot
    • EPSS Score: %0.14
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2016-4980

    A password generation weakness exists in xquest through 2016-06-13.... Read more

    Affected Products : enterprise_linux fedora xquest
    • EPSS Score: %0.13
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-4975

    Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fi... Read more

    Affected Products : http_server
    • EPSS Score: %86.60
    • Published: Aug. 14, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-4761

    WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS... Read more

    Affected Products : ubuntu_linux webkitgtk\+
    • EPSS Score: %0.54
    • Published: Jan. 22, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-4676

    A Cross-origin vulnerability exists in WebKit in Apple Safari before 10.0.1 when processing location attributes, which could let a remote malicious user obtain sensitive information.... Read more

    Affected Products : mac_os_x safari
    • EPSS Score: %1.78
    • Published: Feb. 03, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-4644

    In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with t... Read more

    Affected Products : iphone_os apple_tv mac_os
    • EPSS Score: %0.45
    • Published: Jan. 11, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-4643

    In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation.... Read more

    Affected Products : iphone_os apple_tv mac_os
    • EPSS Score: %0.37
    • Published: Jan. 11, 2019
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2016-4642

    In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings.... Read more

    Affected Products : iphone_os apple_tv mac_os
    • EPSS Score: %0.36
    • Published: Jan. 11, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-4606

    Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions.... Read more

    Affected Products : curl mac_os_x
    • EPSS Score: %0.22
    • Published: Feb. 21, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-4572

    In Cloudera CDH before 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges.... Read more

    Affected Products : cdh
    • EPSS Score: %0.34
    • Published: Nov. 26, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-4427

    In zulip before 1.3.12, deactivated users could access messages if SSO was enabled.... Read more

    Affected Products : zulip
    • EPSS Score: %0.26
    • Published: Jul. 28, 2022
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2016-4426

    In zulip before 1.3.12, bot API keys were accessible to other users in the same realm.... Read more

    Affected Products : zulip
    • EPSS Score: %0.15
    • Published: Jul. 28, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-4406

    A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44.... Read more

    • EPSS Score: %0.54
    • Published: Aug. 06, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-4405

    A remote code execution vulnerability was identified in HP Business Service Management (BSM) using Apache Commons Collection Java Deserialization versions v9.20-v9.26... Read more

    Affected Products : business_service_management
    • EPSS Score: %20.31
    • Published: Aug. 06, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-4404

    A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via a memory allocation issue.... Read more

    Affected Products : keyview
    • EPSS Score: %12.00
    • Published: Aug. 06, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-4403

    A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via memory corruption.... Read more

    Affected Products : keyview
    • EPSS Score: %12.00
    • Published: Aug. 06, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-4402

    A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow.... Read more

    Affected Products : keyview
    • EPSS Score: %12.80
    • Published: Aug. 06, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-4401

    Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials.... Read more

    Affected Products : clearpass
    • EPSS Score: %0.47
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-4400

    A security vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10. The vulnerability could result in cross-site scripting (XSS).... Read more

    Affected Products : network_node_manager_i
    • EPSS Score: %0.31
    • Published: Aug. 06, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-4399

    A security vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10. The vulnerability could result in cross-site scripting (XSS).... Read more

    Affected Products : network_node_manager_i
    • EPSS Score: %0.27
    • Published: Aug. 06, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291672 Results