Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2016-15004

    A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. The attack can be launched remotely. Upgrading to versi... Read more

    Affected Products : infinitewp_client
    • EPSS Score: %1.50
    • Published: Jul. 23, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-15003

    A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquot... Read more

    Affected Products : filezilla_client windows
    • EPSS Score: %0.65
    • Published: Jul. 18, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-15002

    A vulnerability, which was classified as critical, was found in MONyog Ultimate 6.63. This affects an unknown part of the component Cookie Handler. The manipulation of the argument HasServerEdit/IsAdmin leads to privilege escalation. It is possible to ini... Read more

    Affected Products : webyog_monyog_ultimate
    • EPSS Score: %0.28
    • Published: Jun. 09, 2022
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2016-11086

    lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby does not verify server X.509 certificates if a certificate bundle cannot be found, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.... Read more

    Affected Products : oauth-ruby
    • EPSS Score: %0.14
    • Published: Sep. 24, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-11085

    php/qmn_options_questions_tab.php in the quiz-master-next plugin before 4.7.9 for WordPress allows CSRF, with resultant stored XSS, via the question_name parameter because js/admin_question.js mishandles parsing inside of a SCRIPT element.... Read more

    • EPSS Score: %0.23
    • Published: Aug. 16, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-11084

    An issue was discovered in Mattermost Server before 2.1.0. It allows XSS via CSRF.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.12
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-11083

    An issue was discovered in Mattermost Server before 2.2.0. It allows XSS because it configures files to be opened in a browser window.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.36
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-11082

    An issue was discovered in Mattermost Server before 2.2.0. It allows XSS via a crafted link.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.36
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2016-11081

    An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.23
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2016-11080

    An issue was discovered in Mattermost Server before 3.0.0. It offers superfluous APIs for a Team Administrator to view account details.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.15
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-11079

    An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a redirect URL.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.36
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-11078

    An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information (credential fields within config.json) via the System Console UI.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.33
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2016-11077

    An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change the account name and e-mail address of an LDAP account.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.18
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2016-11076

    An issue was discovered in Mattermost Server before 3.0.0. It does not ensure that a cookie is used over SSL.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.20
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2016-11075

    An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via an API.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.24
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-11074

    An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.41
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-11073

    An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a Legal or Support setting.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.36
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-11072

    An issue was discovered in Mattermost Server before 3.0.2. The purposes of a session ID and a Session Token were mishandled.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.19
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-11071

    An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms were not in place.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.36
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-11070

    An issue was discovered in Mattermost Server before 3.1.0. It allows XSS via theme color-code values.... Read more

    Affected Products : mattermost_server
    • EPSS Score: %0.34
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291812 Results