Latest CVE Feed

The following is a list of the most recently published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last-updated date, or CVSS score.
  • 9.8

    CRITICAL
    CVE-2015-8298

    Multiple SQL injection vulnerabilities in the login page in RXTEC RXAdmin UPDATE 06 / 2012 allow remote attackers to execute arbitrary SQL commands via the (1) loginpassword, (2) loginusername, (3) zusatzlicher, or (4) groupid parameter to index.htm, or t...

    Affected Products : rxadmin
    • Published: Sep. 24, 2018
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2015-8094

    Open redirect vulnerability in Cloudera HUE before 3.10.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter.

    Affected Products : hue
    • Published: May. 22, 2018
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2015-8033

    In Textpattern 4.5.7, the password-reset feature does not securely tether a hash to a user account.

    Affected Products : textpattern
    • Published: Aug. 14, 2020
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2015-8032

    In Textpattern 4.5.7, an unprivileged author can change an article's markup setting.

    Affected Products : textpattern
    • Published: Aug. 14, 2020
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2015-8031

    Hudson (aka org.jvnet.hudson.main:hudson-core) before 3.3.2 allows XXE attacks.

    Affected Products : hudson
    • Published: Jul. 18, 2022
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2015-8012

    lldpd before 0.8.0 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via a malformed packet.

    Affected Products : lldpd
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2015-8011

    Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV b...

    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024
  • 6.4

    MEDIUM
    CVE-2015-7968

    nwbc_ext2int in SAP NetWeaver Application Server before Security Note 2183189 allows XXE attacks for local file inclusion via the sap/bc/ui2/nwbc/nwbc_ext2int/ URI.

    • Published: Mar. 09, 2020
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2015-7967

    SafeNet Authentication Service for Citrix Web Interface Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

    • Published: Mar. 02, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2015-7966

    SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7965...

    • Published: Mar. 02, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2015-7965

    SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7966...

    • Published: Mar. 02, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2015-7964

    SafeNet Authentication Service for NPS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

    • Published: Mar. 02, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2015-7963

    SafeNet Authentication Service for AD FS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

    • Published: Mar. 02, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2015-7962

    SafeNet Authentication Service for Outlook Web App Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

    • Published: Mar. 02, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2015-7961

    SafeNet Authentication Service Remote Web Workplace Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

    • Published: Mar. 02, 2018
    • Modified: Nov. 21, 2024
  • 7.3

    HIGH
    CVE-2015-7946

    Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in Unity8 shipped elsewhere. This allows an attacker to enable the MTP service by opening the emergency dialer. Fixed in 8.11+16.04.20160111.1-0ubuntu1 and 8.11+15....

    Affected Products : unity8
    • Published: May. 07, 2020
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2015-7892

    Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes value in an ioctl call.

    Affected Products : m2m1shot_driver
    • Published: Dec. 09, 2019
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2015-7890

    Multiple buffer overflows in the esa_write function in /dev/seiren in the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via a large (1) buffer or (2) size parameter.

    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024
  • 8.1

    HIGH
    CVE-2015-7882

    Improper handling of LDAP authentication in MongoDB Server versions 3.0.0 to 3.0.6 allows an unauthenticated client to gain unauthorized access.

    Affected Products : mongodb
    • Published: Jul. 19, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2015-7874

    Buffer overflow in the chat server in KiTTY Portable 0.65.0.2p and earlier allows remote attackers to execute arbitrary code via a long nickname.

    Affected Products : kitty_portable
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024