Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2015-7962

    SafeNet Authentication Service for Outlook Web App Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.... Read more

    • Published: Mar. 02, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2015-7961

    SafeNet Authentication Service Remote Web Workplace Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.... Read more

    • Published: Mar. 02, 2018
    • Modified: Nov. 21, 2024

  • 7.3

    HIGH
    CVE-2015-7946

    Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in Unity8 shipped elsewhere. This allows an attacker to enable the MTP service by opening the emergency dialer. Fixed in 8.11+16.04.20160111.1-0ubuntu1 and 8.11+15.... Read more

    Affected Products : unity8
    • Published: May. 07, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2015-7892

    Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes value in an ioctl call.... Read more

    Affected Products : m2m1shot_driver
    • Published: Dec. 09, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-7890

    Multiple buffer overflows in the esa_write function in /dev/seirenin the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via a large (1) buffer or (2) size parameter.... Read more

    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2015-7882

    Improper handling of LDAP authentication in MongoDB Server versions 3.0.0 to 3.0.6 allows an unauthenticated client to gain unauthorized access.... Read more

    Affected Products : mongodb
    • Published: Jul. 19, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-7874

    Buffer overflow in the chat server in KiTTY Portable 0.65.0.2p and earlier allows remote attackers to execute arbitrary code via a long nickname.... Read more

    Affected Products : kitty_portable
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2015-7851

    Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwri... Read more

    Affected Products : ntp
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2015-7831

    In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used.... Read more

    Affected Products : cdh
    • Published: Nov. 26, 2019
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2015-7810

    libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files... Read more

    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-7731

    SAP Mobile Platform 3.0 SP05 ClientHub allows attackers to obtain the keystream and other sensitive information via the DataVault, aka SAP Security Note 2094830.... Read more

    Affected Products : mobile_platform
    • Published: Aug. 09, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2015-7610

    Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecifie... Read more

    • Published: May. 30, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-7609

    Synacor Zimbra Mail Client 8.6 before 8.6.0 Patch 5 has XSS via the error/warning dialog and email body content in Zimbra.... Read more

    Affected Products : zimbra_collaboration_suite
    • Published: May. 30, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2015-7598

    SafeNet Authentication Service TokenValidator Proxy Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.... Read more

    • Published: Mar. 02, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2015-7597

    SafeNet Authentication Service IIS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.... Read more

    • Published: Mar. 02, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2015-7596

    SafeNet Authentication Service End User Software Tools for Windows uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.... Read more

    • Published: Mar. 02, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-7567

    SQL injection vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary SQL commands via the "passwordreset&token" parameter.... Read more

    Affected Products : yeager_cms
    • Published: Feb. 18, 2020
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2015-7559

    It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.... Read more

    Affected Products : activemq jboss_fuse jboss_a-mq
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2015-7556

    DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program.... Read more

    Affected Products : delegate
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2015-7542

    A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates.... Read more

    Affected Products : debian_linux leap gwenhywfar
    • Published: Dec. 03, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 293343 Results