Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.9

    MEDIUM
    CVE-2015-0837

    The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Sid... Read more

    Affected Products : debian_linux libgcrypt gnupg
    • EPSS Score: %0.55
    • Published: Nov. 29, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2015-0796

    In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlinks or device nodes, which could allow buildservice users to break of confinement or cause denial... Read more

    • EPSS Score: %0.16
    • Published: Mar. 02, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-0749

    A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on the affected software. The vulnerabilities is due to improper input validation of certain parameters ... Read more

    Affected Products : unified_communications_manager
    • EPSS Score: %0.21
    • Published: Feb. 19, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2015-0565

    NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.... Read more

    Affected Products : native_client
    • EPSS Score: %27.78
    • Published: Feb. 25, 2020
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2015-0558

    The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6, and possibly other routers, uses "1236790" and the MAC address to generate the WPA key.... Read more

    Affected Products : p.dga4001n_firmware p.dga4001n
    • EPSS Score: %0.11
    • Published: Jan. 14, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2015-0294

    GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.... Read more

    Affected Products : enterprise_linux debian_linux gnutls
    • EPSS Score: %0.58
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-0270

    Zend Framework before 2.2.10 and 2.3.x before 2.3.5 has Potential SQL injection in PostgreSQL Zend\Db adapter.... Read more

    Affected Products : zend_framework framework
    • EPSS Score: %0.39
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2015-0258

    Multiple incomplete blacklist vulnerabilities in the avatar upload functionality in manageuser.php in Collabtive before 2.1 allow remote authenticated users to execute arbitrary code by uploading a file with a (1) .php3, (2) .php4, (3) .php5, or (4) .phtm... Read more

    Affected Products : ubuntu_linux debian_linux collabtive
    • EPSS Score: %11.88
    • Published: Feb. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-0244

    PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted bin... Read more

    Affected Products : debian_linux postgresql
    • EPSS Score: %1.08
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2015-0243

    Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbi... Read more

    Affected Products : debian_linux postgresql
    • EPSS Score: %3.61
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2015-0242

    Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users to c... Read more

    Affected Products : debian_linux windows postgresql
    • EPSS Score: %3.27
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2015-0241

    The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) larg... Read more

    Affected Products : debian_linux postgresql
    • EPSS Score: %3.38
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2015-0203

    The qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via an AMQP message with (1) an invalid range in a sequence set, (2) content-bearing methods other than message-transfer, or (3)... Read more

    Affected Products : qpid
    • EPSS Score: %17.10
    • Published: Feb. 21, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2015-0172

    IBM Security SiteProtector System 3.0, 3.1.0 and 3.1.1 allows remote attackers to bypass intended security restrictions and consequently execute unspecified commands and obtain sensitive information via unknown vectors. IBM X-Force ID: 100927.... Read more

    Affected Products : security_siteprotector_system
    • EPSS Score: %0.20
    • Published: Apr. 10, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2015-0153

    D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveraging cleartext storage of the wireless key.... Read more

    Affected Products : dir-815_firmware dir-815
    • EPSS Score: %0.45
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-0152

    D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveraging cleartext storage of the administrative password.... Read more

    Affected Products : dir-815_firmware dir-815
    • EPSS Score: %0.51
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2015-0151

    Cross-site request forgery (CSRF) vulnerability in D-Link DIR-815 devices with firmware before 2.07.B01 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.... Read more

    Affected Products : dir-815_firmware dir-815
    • EPSS Score: %0.19
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-0150

    The remote administration UI in D-Link DIR-815 devices with firmware before 2.07.B01 allows remote attackers to bypass intended access restrictions via unspecified vectors.... Read more

    Affected Products : dir-815_firmware dir-815
    • EPSS Score: %0.61
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2015-0102

    IBM Workflow for Bluemix does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.... Read more

    Affected Products : workflow
    • EPSS Score: %0.42
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-9998

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA937... Read more

    • EPSS Score: %0.31
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 292733 Results