Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV List), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 6.1

    MEDIUM
    CVE-2016-15010

    ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in University of Cambridge django-ucamlookup up to 1.9.1. Affected by this vulnerability is an unknown functionality of the component Lookup Handler. The manipulation lead...

    Affected Products : django-ucamlookup
    • EPSS Score: %0.08
    • Published: Jan. 05, 2023
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2016-15009

    A vulnerability classified as problematic has been found in OpenACS bug-tracker. Affected is an unknown function of the file lib/nav-bar.adp of the component Search. The manipulation leads to cross-site request forgery. It is possible to launch the attack...

    Affected Products : bug-tracker
    • EPSS Score: %0.05
    • Published: Jan. 05, 2023
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-15008

    A vulnerability was found in oxguy3 coebot-www and classified as problematic. This issue affects the function displayChannelCommands/displayChannelQuotes/displayChannelAutoreplies/showChannelHighlights/showChannelBoir of the file js/channel.js. The manipu...

    Affected Products : coebot-www
    • EPSS Score: %0.06
    • Published: Jan. 04, 2023
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2016-15007

    A vulnerability was found in Centralized-Salesforce-Dev-Framework. It has been declared as problematic. Affected by this vulnerability is the function SObjectService of the file src/classes/SObjectService.cls of the component SOQL Handler. The manipulatio...

    • EPSS Score: %0.07
    • Published: Jan. 02, 2023
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2016-15006

    A vulnerability, which was classified as problematic, has been found in enigmaX up to 2.2. This issue affects the function getSeed of the file main.c of the component Scrambling Table Handler. The manipulation leads to predictable seed in pseudo-random nu...

    Affected Products : enigmax
    • EPSS Score: %0.08
    • Published: Jan. 02, 2023
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2016-15004

    A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. The attack can be launched remotely. Upgrading to versi...

    Affected Products : infinitewp_client
    • EPSS Score: %1.50
    • Published: Jul. 23, 2022
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2016-15003

    A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquot...

    Affected Products : filezilla_client windows
    • EPSS Score: %0.65
    • Published: Jul. 18, 2022
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2016-15002

    A vulnerability, which was classified as critical, was found in MONyog Ultimate 6.63. This affects an unknown part of the component Cookie Handler. The manipulation of the argument HasServerEdit/IsAdmin leads to privilege escalation. It is possible to ini...

    Affected Products : webyog_monyog_ultimate
    • EPSS Score: %0.28
    • Published: Jun. 09, 2022
    • Modified: Nov. 21, 2024
  • 7.4

    HIGH
    CVE-2016-11086

    lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby does not verify server X.509 certificates if a certificate bundle cannot be found, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information....

    Affected Products : oauth-ruby
    • EPSS Score: %0.14
    • Published: Sep. 24, 2020
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2016-11085

    php/qmn_options_questions_tab.php in the quiz-master-next plugin before 4.7.9 for WordPress allows CSRF, with resultant stored XSS, via the question_name parameter because js/admin_question.js mishandles parsing inside of a SCRIPT element....

    • EPSS Score: %0.23
    • Published: Aug. 16, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-11084

    An issue was discovered in Mattermost Server before 2.1.0. It allows XSS via CSRF....

    Affected Products : mattermost_server
    • EPSS Score: %0.12
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-11083

    An issue was discovered in Mattermost Server before 2.2.0. It allows XSS because it configures files to be opened in a browser window....

    Affected Products : mattermost_server
    • EPSS Score: %0.36
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-11082

    An issue was discovered in Mattermost Server before 2.2.0. It allows XSS via a crafted link....

    Affected Products : mattermost_server
    • EPSS Score: %0.36
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 4.3

    MEDIUM
    CVE-2016-11081

    An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser....

    Affected Products : mattermost_server
    • EPSS Score: %0.23
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 4.3

    MEDIUM
    CVE-2016-11080

    An issue was discovered in Mattermost Server before 3.0.0. It offers superfluous APIs for a Team Administrator to view account details....

    Affected Products : mattermost_server
    • EPSS Score: %0.15
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-11079

    An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a redirect URL....

    Affected Products : mattermost_server
    • EPSS Score: %0.36
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2016-11078

    An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information (credential fields within config.json) via the System Console UI....

    Affected Products : mattermost_server
    • EPSS Score: %0.33
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 4.0

    MEDIUM
    CVE-2016-11077

    An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change the account name and e-mail address of an LDAP account....

    Affected Products : mattermost_server
    • EPSS Score: %0.18
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2016-11076

    An issue was discovered in Mattermost Server before 3.0.0. It does not ensure that a cookie is used over SSL....

    Affected Products : mattermost_server
    • EPSS Score: %0.20
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2016-11075

    An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via an API....

    Affected Products : mattermost_server
    • EPSS Score: %0.24
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291737 Results