Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 7.8

    HIGH
    CVE-2016-8225

    Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges....

    • EPSS Score: %0.06
    • Published: Jan. 26, 2017
    • Modified: Apr. 20, 2025
  • 4.7

    MEDIUM
    CVE-2017-3803

    A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial of servic...

    Affected Products : ios
    • EPSS Score: %0.17
    • Published: Jan. 26, 2017
    • Modified: Apr. 20, 2025
  • 6.1

    MEDIUM
    CVE-2017-3802

    A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. More Information: CSCvc20679. Known Affected ...

    Affected Products : unified_communications_manager
    • EPSS Score: %0.29
    • Published: Jan. 26, 2017
    • Modified: Apr. 20, 2025
  • 9.8

    CRITICAL
    CVE-2016-9307

    Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files....

    Affected Products : fbx_software_development_kit
    • EPSS Score: %2.68
    • Published: Jan. 25, 2017
    • Modified: Apr. 20, 2025
  • 9.8

    CRITICAL
    CVE-2016-9305

    Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers....

    Affected Products : fbx_software_development_kit
    • EPSS Score: %0.58
    • Published: Jan. 25, 2017
    • Modified: Apr. 20, 2025
  • 7.5

    HIGH
    CVE-2017-5594

    An issue was discovered in Pagekit CMS before 1.0.11. In this vulnerability the remote attacker is able to reset the registered user's password, when the debug toolbar is enabled. The password is successfully recovered using this exploit. The SecureLayer7...

    Affected Products : pagekit
    • EPSS Score: %9.42
    • Published: Jan. 25, 2017
    • Modified: Apr. 20, 2025
  • 8.4

    HIGH
    CVE-2016-7102

    ownCloud Desktop before 2.2.3 allows local users to execute arbitrary code and possibly gain privileges via a Trojan library in a "special path" in the C: drive....

    Affected Products : owncloud_desktop_client
    • EPSS Score: %0.17
    • Published: Jan. 23, 2017
    • Modified: Apr. 20, 2025
  • 7.5

    HIGH
    CVE-2016-6920

    Heap-based buffer overflow in the decode_block function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denial of service (application crash) via vectors involving tile positions....

    Affected Products : ffmpeg
    • EPSS Score: %3.62
    • Published: Jan. 23, 2017
    • Modified: Apr. 20, 2025
  • 7.5

    HIGH
    CVE-2016-6668

    The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before 6.27.5, 6.28.0 before 7.3.7, and 7.4.0 before 7.8.17; Confluence HipChat plugin 6.26.0 before 7.8.17; and HipChat for JIRA plugin 6.26.0 before 7.8.17 allows remote attackers to o...

    • EPSS Score: %1.32
    • Published: Jan. 23, 2017
    • Modified: Apr. 20, 2025
  • 7.8

    HIGH
    CVE-2016-1281

    Untrusted search path vulnerability in the installer for TrueCrypt 7.2 and 7.1a, VeraCrypt before 1.17-BETA, and possibly other products allows local users to execute arbitrary code with administrator privileges and conduct DLL hijacking attacks via a Tro...

    Affected Products : veracrypt truecrypt
    • EPSS Score: %0.23
    • Published: Jan. 23, 2017
    • Modified: Apr. 20, 2025
  • 8.8

    HIGH
    CVE-2016-6521

    Cross-site request forgery (CSRF) vulnerability in Grails console (aka Grails Debug Console and Grails Web Console) 2.0.7, 1.5.10, and earlier allows remote attackers to hijack the authentication of users for requests that execute arbitrary Groovy code vi...

    Affected Products : grails
    • EPSS Score: %0.29
    • Published: Jan. 23, 2017
    • Modified: Apr. 20, 2025
  • 6.1

    MEDIUM
    CVE-2016-6484

    CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login....

    Affected Products : netmri
    • EPSS Score: %0.44
    • Published: Jan. 23, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    HIGH
    CVE-2014-8362

    Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm system and modify other security settings via the Web-enabled interface....

    • EPSS Score: %2.67
    • Published: Jan. 23, 2017
    • Modified: Apr. 20, 2025
  • 7.8

    HIGH
    CVE-2017-5182

    Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all...

    • EPSS Score: %0.99
    • Published: Jan. 23, 2017
    • Modified: Apr. 20, 2025
  • 7.2

    HIGH
    CVE-2016-9870

    EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious use...

    Affected Products : isilon_onefs isilon_onefs
    • EPSS Score: %0.07
    • Published: Jan. 23, 2017
    • Modified: Apr. 20, 2025
  • 7.8

    HIGH
    CVE-2016-6253

    mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox....

    Affected Products : netbsd
    • EPSS Score: %14.96
    • Published: Jan. 20, 2017
    • Modified: Apr. 20, 2025
  • 7.5

    HIGH
    CVE-2016-10143

    A vulnerability in Tiki Wiki CMS 15.2 could allow a remote attacker to read arbitrary files on a targeted system via a crafted pathname in a banner URL field....

    Affected Products : tikiwiki_cms/groupware
    • EPSS Score: %0.41
    • Published: Jan. 20, 2017
    • Modified: Apr. 20, 2025
  • 6.1

    MEDIUM
    CVE-2016-3999

    Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 104552 and 104703....

    Affected Products : zimbra_collaboration_suite
    • EPSS Score: %0.44
    • Published: Jan. 18, 2017
    • Modified: Apr. 20, 2025
  • 7.5

    HIGH
    CVE-2016-3413

    Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 103996....

    Affected Products : zimbra_collaboration_suite
    • EPSS Score: %1.24
    • Published: Jan. 18, 2017
    • Modified: Apr. 20, 2025
  • 6.1

    MEDIUM
    CVE-2016-3409

    Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 102637....

    Affected Products : zimbra_collaboration_suite
    • EPSS Score: %0.44
    • Published: Jan. 18, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 292720 Results