Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2016-7831

    Sleipnir 4 Black Edition for Mac 4.5.3 and earlier and Sleipnir 4 for Mac 4.5.3 and earlier (Mac App Store) may allow a remote attacker to spoof the URL display via a specially crafted webpage.... Read more

    Affected Products : sleipnir
    • EPSS Score: %0.22
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2016-7830

    Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to p... Read more

    • EPSS Score: %0.46
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2015-7245

    Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote attackers to read sensitive information via a .. (dot dot) in the errorpage parameter.... Read more

    Affected Products : dvg-n5402sp_firmware dvg-n5402sp
    • EPSS Score: %85.38
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2016-7826

    Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests.... Read more

    Affected Products : wnc01wh_firmware wnc01wh
    • EPSS Score: %4.27
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2016-7825

    Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands.... Read more

    Affected Products : wnc01wh_firmware wnc01wh
    • EPSS Score: %4.27
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2016-7824

    Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors.... Read more

    Affected Products : wnc01wh_firmware wnc01wh
    • EPSS Score: %0.51
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2016-7823

    Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : wnc01wh_firmware wnc01wh
    • EPSS Score: %0.18
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2016-7821

    Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors.... Read more

    Affected Products : wnc01wh_firmware wnc01wh
    • EPSS Score: %0.51
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 9.0

    HIGH
    CVE-2016-7820

    Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to cause a denial-of-service (DoS) or execute arbitrary code via unspecified vect... Read more

    • EPSS Score: %1.22
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2016-7817

    Cross-site scripting vulnerability in Simple keitai chat 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : simple_keitai_chat
    • EPSS Score: %0.23
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2016-7816

    The Cybozu kintone mobile for Android 1.0.6 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : kintone
    • EPSS Score: %0.13
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2016-7813

    Cross-site scripting vulnerability in DERAEMON-CMS version 0.8.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the parameters hostname, database and username.... Read more

    Affected Products : deraemon-cms
    • EPSS Score: %0.32
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2016-7811

    Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors.... Read more

    Affected Products : cg-wlr300nx_firmware cg-wlr300nx
    • EPSS Score: %0.07
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 4.8

    MEDIUM
    CVE-2016-7810

    Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : cg-wlr300nx_firmware cg-wlr300nx
    • EPSS Score: %0.47
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2016-7806

    I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors.... Read more

    Affected Products : wfs-sr01_firmware wfs-sr01
    • EPSS Score: %11.02
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2016-7805

    The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... Read more

    Affected Products : mobigate
    • EPSS Score: %0.26
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2016-7802

    Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to read arbitrary files via unspecified vectors.... Read more

    Affected Products : garoon
    • EPSS Score: %3.53
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2016-4910

    Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to delete other operational administrators' MultiReport filters via unspecified vectors.... Read more

    Affected Products : garoon
    • EPSS Score: %0.15
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2016-4909

    Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to hijack the authentication of a logged in user to force a logout via unspecified vectors.... Read more

    Affected Products : garoon
    • EPSS Score: %0.23
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2016-4908

    Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to alter or delete another user's private RSS settings via unspecified vectors.... Read more

    Affected Products : garoon
    • EPSS Score: %0.21
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 292238 Results