Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2016-0750

    The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-crafted serialized object to attain remote code execution or... Read more

    Affected Products : infinispan
    • Published: Sep. 11, 2018
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2016-0715

    Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part of CVE-201... Read more

    Affected Products : cloud_foundry_elastic_runtime
    • Published: Sep. 11, 2018
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2016-0708

    Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. For applications to be vulnerable, they must have b... Read more

    Affected Products : cf-release java_buildpack
    • Published: Jul. 11, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2016-0373

    IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119.... Read more

    Affected Products : urbancode_deploy
    • Published: Aug. 30, 2018
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2016-0369

    XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088.... Read more

    Affected Products : forms_experience_builder
    • Published: Feb. 21, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2016-0367

    IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Force ID: 112072.... Read more

    • Published: Feb. 21, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2016-0366

    IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 might allow remote attackers to obtain sensitive information by leveraging weak encryption. IBM X-Force ID: 112071.... Read more

    • Published: Feb. 21, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2016-0351

    IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 does not set the secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission... Read more

    • Published: Feb. 21, 2018
    • Modified: Nov. 21, 2024

  • 8.0

    HIGH
    CVE-2016-0348

    Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3, 3.3.1, 3.3.2, and 3.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. IBM X-Force ID: 111813.... Read more

    Affected Products : tririga_application_platform
    • Published: Feb. 21, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2016-0345

    IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain the installation path via vectors involving Birt report rendering. IBM X-Force ID: 111786.... Read more

    Affected Products : tririga_application_platform
    • Published: Feb. 21, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-0344

    Cross-site scripting (XSS) vulnerability in the My Reports component in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : tririga_application_platform
    • Published: Feb. 21, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2016-0343

    IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Force ID: 111784.... Read more

    Affected Products : tririga_application_platform
    • Published: Feb. 21, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-0342

    IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to read or modify arbitrary reports by leveraging an incorrect grant of access. IBM X-Force ID: 111783.... Read more

    Affected Products : tririga_application_platform
    • Published: Feb. 02, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-0336

    Cross-site scripting (XSS) vulnerability in IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. IBM X-... Read more

    Affected Products : security_identity_manager
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-0335

    Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote attackers to hijack the authentication of users for requests that have unspecified ... Read more

    Affected Products : security_identity_manager
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-0332

    IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 do not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach. IBM X-Force ... Read more

    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-0329

    Open redirect vulnerability in IBM Emptoris Sourcing 10.0.0.x before 10.0.0.1_iFix3, 10.0.1.x before 10.0.1.3_iFix3, 10.0.2.x before 10.0.2.8_iFix1, 10.0.4.0 before 10.0.4.0_iFix8, and 10.1.0.0 before 10.1.0.0_iFix3 allows remote attackers to redirect use... Read more

    Affected Products : emptoris_sourcing
    • Published: Feb. 02, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2016-0327

    IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows local users to gain administrator privileges via unspecified vectors. IBM X-Force ID: 111643.... Read more

    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2016-0324

    IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote authenticated users to execute arbitrary code with administrator privileges via unspecified vectors. IBM X-Force ID: 111640.... Read more

    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-0312

    IBM TRIRIGA Application Platform before 3.3.2 allows remote attackers to obtain sensitive information via vectors related to granting unauthenticated access to Document Manager. IBM X-Force ID: 111486.... Read more

    Affected Products : tririga_application_platform
    • Published: Feb. 02, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293284 Results