Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

4.8

MEDIUM

CVE-2015-7471

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) ...

Affected Products : rational_doors_next_generation rational_collaborative_lifecycle_management rational_engineering_lifecycle_manager rational_quality_manager rational_rhapsody_design_manager rational_software_architect_design_manager rational_team_concert rational_requirements_composer
Published: Mar. 15, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2015-7463

IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2 allow remote authenticated users to delete process and task data by leveraging incorrect authorization checks. IBM X-Force ID: 108393....

Affected Products : business_process_manager
Published: Mar. 15, 2018

Modified: Nov. 21, 2024
6.5

MEDIUM

CVE-2015-7461

XML external entity (XXE) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote authenticated users to cause a denial of service (memory consumption) via crafted XML data. IBM X-Force ID: 108357....

Affected Products : connections
Published: Mar. 20, 2018

Modified: Nov. 21, 2024
5.4

MEDIUM

CVE-2015-7460

Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108356....

Affected Products : connections
Published: Mar. 20, 2018

Modified: Nov. 21, 2024
5.4

MEDIUM

CVE-2015-7459

Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108355....

Affected Products : connections
Published: Mar. 20, 2018

Modified: Nov. 21, 2024
5.4

MEDIUM

CVE-2015-7458

Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108354....

Affected Products : connections
Published: Mar. 20, 2018

Modified: Nov. 21, 2024
6.1

MEDIUM

CVE-2015-7453

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) ...

Affected Products : rational_doors_next_generation rational_collaborative_lifecycle_management rational_engineering_lifecycle_manager rational_quality_manager rational_rhapsody_design_manager rational_software_architect_design_manager rational_team_concert rational_requirements_composer
Published: Mar. 15, 2018

Modified: Nov. 21, 2024
3.3

LOW

CVE-2015-7449

IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before...

Affected Products : rational_doors_next_generation rational_collaborative_lifecycle_management rational_engineering_lifecycle_manager rational_quality_manager rational_rhapsody_design_manager rational_software_architect_design_manager rational_team_concert rational_requirements_composer
Published: Mar. 20, 2018

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2015-7440

IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4....

Affected Products : rational_doors_next_generation rational_collaborative_lifecycle_management rational_engineering_lifecycle_manager rational_quality_manager rational_rhapsody_design_manager rational_software_architect_design_manager rational_team_concert rational_requirements_composer
Published: Mar. 15, 2018

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2015-7434

IBM Capacity Management Analytics 2.1.0.0 allows local users to discover encrypted usernames and passwords by leveraging access to the CMA install machine. IBM X-Force ID: 107863....

Affected Products : capacity_management_analytics
Published: Mar. 26, 2018

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2015-7433

IBM Capacity Management Analytics 2.1.0.0 allows local users to discover cleartext usernames and passwords by leveraging access to the CMA install machine. IBM X-Force ID: 107862....

Affected Products : capacity_management_analytics
Published: Mar. 26, 2018

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2015-7432

IBM Capacity Management Analytics 2.1.0.0 allows local users to decrypt usernames and passwords by leveraging access to setenv.sh and parameter.txt. IBM X-Force ID: 107861....

Affected Products : capacity_management_analytics
Published: Mar. 26, 2018

Modified: Nov. 21, 2024
4.3

MEDIUM

CVE-2015-7424

IBM InfoSphere Master Data Management (MDM) - Collaborative Edition 9.1, 10.1, 11.0, 11.3, 11.4, and 11.5 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information by leveraging Catalogs access. IBM X-Force I...

Affected Products : infosphere_master_data_management
Published: Mar. 26, 2018

Modified: Nov. 21, 2024
5.4

MEDIUM

CVE-2015-7423

Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Master Data Management (MDM) - Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. IBM...

Affected Products : infosphere_master_data_management
Published: Mar. 26, 2018

Modified: Nov. 21, 2024
4.3

MEDIUM

CVE-2015-7401

IBM Curam Social Program Management 6.1.x before 6.1.1.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive document information by guessing the document id. IBM X-Force ID: 107106....

Affected Products : curam_social_program_management
Published: Mar. 26, 2018

Modified: Nov. 21, 2024
4.8

MEDIUM

CVE-2015-7344

HikaShop Joomla Component before 2.6.0 has XSS via an injected payload[/caption]....

Affected Products : hikashop
Published: Mar. 09, 2020

Modified: Nov. 21, 2024
4.8

MEDIUM

CVE-2015-7343

JNews Joomla Component before 8.5.0 has XSS via the mailingsearch parameter....

Affected Products : jnews
Published: Mar. 09, 2020

Modified: Nov. 21, 2024
7.2

HIGH

CVE-2015-7342

JNews Joomla Component before 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, or Newsletters Search Field....

Affected Products : jnews
Published: Mar. 09, 2020

Modified: Nov. 21, 2024
8.8

HIGH

CVE-2015-7341

JNews Joomla Component before 8.5.0 allows arbitrary File Upload via Subscribers or Templates, as demonstrated by the .php5 extension....

Affected Products : jnews
Published: Mar. 09, 2020

Modified: Nov. 21, 2024
7.2

HIGH

CVE-2015-7340

JEvents Joomla Component before 3.4.0 RC6 has SQL Injection via evid in a Manage Events action....

Affected Products : jevents
Published: Mar. 09, 2020

Modified: Nov. 21, 2024

Showing 20 of 292801 Results

Browse by Apps

Latest CVE Feed

4.8

5.5

6.5

5.4

5.4

5.4

6.1

3.3

7.8

7.8

7.8

7.8

4.3

5.4

4.3

4.8

4.8

7.2

8.8

7.2

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable