Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2016-1600

    The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability.... Read more

    Affected Products : identity_manager identity_manager
    • EPSS Score: %0.32
    • Published: May. 09, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-1587

    The Snapweb interface before version 0.21.2 was exposing controls to install or remove snap packages without controlling the identity of the user, nor the origin of the connection. An attacker could have used the controls to remotely add a valid, but mali... Read more

    Affected Products : snapweb
    • EPSS Score: %0.28
    • Published: Apr. 22, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-1586

    A malicious webview could install long-lived unload handlers that re-use an incognito BrowserContext that is queued for destruction in versions of Oxide before 1.18.3.... Read more

    Affected Products : oxide
    • EPSS Score: %0.18
    • Published: Apr. 22, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2016-1584

    In all versions of Unity8 a running but not active application on a large-screen device could talk with Maliit and consume keyboard input.... Read more

    Affected Products : unity8
    • EPSS Score: %0.24
    • Published: Apr. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-1579

    UDM provides support for running commands after a download is completed, this is currently made use of for click package installation. This functionality was not restricted to unconfined applications. Before UDM version 1.2+16.04.20160408-0ubuntu1 any con... Read more

    Affected Products : ubuntu_download_manager
    • EPSS Score: %0.20
    • Published: Apr. 22, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-1573

    Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Dash/CardCreator.js will execute any code found in place of a fallback image supplied by a scope.... Read more

    Affected Products : unity8 unity8
    • EPSS Score: %0.09
    • Published: Apr. 22, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-1544

    nghttp2 before 1.7.1 allows remote attackers to cause a denial of service (memory exhaustion).... Read more

    Affected Products : fedora nghttp2
    • EPSS Score: %2.12
    • Published: Feb. 06, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-1487

    Lexmark Markvision Enterprise before 2.3.0 misuses the Apache Commons Collections Library, leading to remote code execution because of Java deserialization.... Read more

    Affected Products : markvision_enterprise
    • EPSS Score: %0.86
    • Published: Mar. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-1239

    duck before 0.10 did not properly handle loading of untrusted code from the current directory.... Read more

    Affected Products : duck
    • EPSS Score: %0.61
    • Published: Feb. 19, 2022
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2016-1203

    Improper file verification vulnerability in SaAT Netizen installer ver.1.2.0.424 and earlier, and SaAT Netizen ver.1.2.0.8 (Build427) and earlier allows a remote unauthenticated attacker to conduct a man-in-the-middle attack. A successful exploitation may... Read more

    Affected Products : windows netizen netizen_installer
    • EPSS Score: %1.64
    • Published: Oct. 31, 2023
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-1159

    In ZOHO Password Manager Pro (PMP) 8.3.0 (Build 8303) and 8.4.0 (Build 8400,8401,8402), underprivileged users can obtain sensitive information (entry password history) via a vulnerable hidden service.... Read more

    Affected Products : manageengine_password_manager_pro
    • EPSS Score: %0.48
    • Published: Mar. 09, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-15039

    A vulnerability classified as critical was found in mhuertos phpLDAPadmin up to 665dbc2690ebeb5392d38f1fece0a654225a0b38. Affected by this vulnerability is the function makeHttpRequest of the file htdocs/js/ajax_functions.js. The manipulation leads to htt... Read more

    Affected Products :
    • Published: Jul. 11, 2024
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-15038

    A vulnerability, which was classified as critical, was found in NUUO NVRmini 2 up to 3.0.8. Affected is an unknown function of the file /deletefile.php. The manipulation of the argument filename leads to path traversal. It is possible to launch the attack... Read more

    Affected Products :
    • Published: Apr. 01, 2024
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-15037

    A vulnerability, which was classified as problematic, has been found in go4rayyan Scumblr up to 2.0.1a. Affected by this issue is some unknown functionality of the component Task Handler. The manipulation leads to cross site scripting. The attack may be l... Read more

    Affected Products : scumblr
    • EPSS Score: %0.31
    • Published: Jan. 21, 2024
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-15036

    ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Deis Workflow Manager up to 2.3.2. It has been classified as problematic. This affects an unknown part. The manipulation leads to race condition. The complexity of an attack is rather high. The ... Read more

    Affected Products : workflow_manager
    • EPSS Score: %0.04
    • Published: Dec. 23, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-15035

    A vulnerability was found in Doc2k RE-Chat 1.0. It has been classified as problematic. This affects an unknown part of the file js_on_radio-emergency.de_/re_chat.js. The manipulation leads to cross site scripting. It is possible to initiate the attack rem... Read more

    Affected Products : re-chat
    • EPSS Score: %0.31
    • Published: Aug. 28, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-15034

    A vulnerability was found in Dynacase Webdesk and classified as critical. Affected by this issue is the function freedomrss_search of the file freedomrss_search.php. The manipulation leads to sql injection. Upgrading to version 3.2-20180305 is able to add... Read more

    Affected Products : dynacase_webdesk
    • EPSS Score: %0.04
    • Published: Jul. 10, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-15033

    The Delete All Comments plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the via the delete-all-comments.php file in versions up to, and including, 2.0. This makes it possible for unauthenticated attacker... Read more

    Affected Products : delete_all_comments
    • EPSS Score: %5.04
    • Published: Jun. 07, 2023
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-15032

    ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in mback2k mh_httpbl Extension up to 1.1.7 on TYPO3. This affects the function stopOutput of the file class.tx_mhhttpbl.php. The manipulation of the argument $_SERVER... Read more

    Affected Products : mh_httpbl
    • EPSS Score: %0.07
    • Published: Jun. 02, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-15031

    A vulnerability was found in PHP-Login 1.0. It has been declared as critical. This vulnerability affects the function checkLogin of the file login/scripts/class.loginscript.php of the component POST Parameter Handler. The manipulation of the argument myus... Read more

    Affected Products : php-login
    • EPSS Score: %0.04
    • Published: May. 06, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 291722 Results