Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2016-10868

    The all-in-one-wp-security-and-firewall plugin before 4.0.5 for WordPress has XSS in the blacklist, file system, and file change detection settings pages.... Read more

    • EPSS Score: %0.19
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10867

    The all-in-one-wp-security-and-firewall plugin before 4.0.6 for WordPress has XSS in settings pages.... Read more

    • EPSS Score: %0.19
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10866

    The all-in-one-wp-security-and-firewall plugin before 4.2.0 for WordPress has multiple XSS issues.... Read more

    • EPSS Score: %0.19
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10865

    The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS.... Read more

    Affected Products : lightbox_plus_colorbox
    • EPSS Score: %0.11
    • Published: Aug. 09, 2019
    • Modified: Nov. 21, 2024

  • 5.2

    MEDIUM
    CVE-2016-10864

    NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID.... Read more

    Affected Products : ex7000_firmware ex7000
    • EPSS Score: %0.14
    • Published: Aug. 08, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10863

    Edimax Wi-Fi Extender devices allow goform/formwlencryptvxd CSRF with resultant PSK key disclosure.... Read more

    • EPSS Score: %0.14
    • Published: Aug. 08, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10862

    Neet AirStream NAS1.1 devices have a password of ifconfig for the root account. This cannot be changed via the configuration page.... Read more

    • EPSS Score: %0.14
    • Published: Aug. 08, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-10861

    Neet AirStream NAS1.1 devices allow CSRF attacks that cause the settings binary to change the AP name and password.... Read more

    Affected Products : airstream_nas_firmware airstream
    • EPSS Score: %0.12
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2016-10860

    cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API (SEC-66).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.24
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2016-10859

    cPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands (SEC-65).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.18
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-10858

    cPanel before 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64).... Read more

    Affected Products : cpanel
    • EPSS Score: %1.14
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-10857

    cPanel before 11.54.0.0 allows a bypass of the e-mail sending limit (SEC-60).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.21
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-10856

    cPanel before 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds (SEC-29).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.22
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-10855

    cPanel before 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91).... Read more

    Affected Products : cpanel
    • EPSS Score: %1.07
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10854

    cPanel before 11.54.0.4 allows self XSS in the X3 Entropy Banner interface (SEC-87).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.30
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10853

    cPanel before 11.54.0.4 allows stored XSS in the WHM Feature Manager interface (SEC-86).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.26
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-10852

    cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem (SEC-85).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.19
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10851

    cPanel before 11.54.0.4 allows self XSS in the WHM PHP Configuration editor interface (SEC-84).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.30
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2016-10850

    cPanel before 11.54.0.4 allows arbitrary code execution via scripts/synccpaddonswithsqlhost (SEC-83).... Read more

    Affected Products : cpanel
    • EPSS Score: %1.15
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-10849

    cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.30
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291756 Results