Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2016-6342

    elog 3.1.1 allows remote attackers to post data as any username in the logbook.... Read more

    Affected Products : fedora elog
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2016-5414

    FreeIPA 4.4.0 allows remote attackers to request an arbitrary SAN name for services.... Read more

    Affected Products : freeipa
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 8.5

    HIGH
    CVE-2016-4383

    The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change.... Read more

    Affected Products : helion_openstack_glance
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2016-0959

    Use after free vulnerability in Adobe Flash Player Desktop Runtime before 20.0.0.267, Adobe Flash Player Extended Support Release before 18.0.0.324, Adobe Flash Player for Google Chrome before 20.0.0.267, Adobe Flash Player for Microsoft Edge and Internet... Read more

    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2015-8697

    stalin 0.11-5 allows local users to write to arbitrary files.... Read more

    Affected Products : stalin
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2015-7898

    Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).... Read more

    Affected Products : samsung_mobile galaxy_s6
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2015-7895

    Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).... Read more

    Affected Products : samsung_mobile galaxy_s6
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2015-7781

    ManageEngine Firewall Analyzer before 8.0 does not restrict access permissions.... Read more

    Affected Products : manageengine_firewall_analyzer
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2015-7780

    Directory traversal vulnerability in ManageEngine Firewall Analyzer before 8.0.... Read more

    Affected Products : manageengine_firewall_analyzer
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2015-5378

    Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attackers to read communications between Logstash Forwarder agent and Logstash server.... Read more

    Affected Products : logstash logstash
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2015-5180

    res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).... Read more

    Affected Products : ubuntu_linux glibc
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2015-3840

    The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" permission.... Read more

    Affected Products : android
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2015-2245

    Huawei Ascend P7 allows remote attackers to cause a denial of service (phone process crash).... Read more

    Affected Products : p7-l09_firmware p7-l09
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2015-1795

    Red Hat Gluster Storage RPM Package 3.2 allows local users to gain privileges and execute arbitrary code as root.... Read more

    Affected Products : enterprise_linux gluster_storage
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2015-1778

    The custom authentication realm used by karaf-tomcat's "opendaylight" realm in Opendaylight before Helium SR3 will authenticate any username and password combination.... Read more

    Affected Products : opendaylight
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2015-1591

    The kamailio build in kamailio before 4.2.0-2 process allows local users to gain privileges.... Read more

    Affected Products : kamailio
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2014-8149

    OpenDaylight defense4all 1.1.0 and earlier allows remote authenticated users to write report data to arbitrary files.... Read more

    Affected Products : defense4all
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 7.6

    HIGH
    CVE-2014-6354

    Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : internet_explorer
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 8.1

    HIGH
    CVE-2012-5010

    ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.4.x before 9.4.1 Interim, 9.2.x before 9.2.4 Interim, ASA 5510 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 8.4.x before 8.4.7 Interim, 8.2.x bef... Read more

    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 7.1

    HIGH
    CVE-2004-2778

    Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or exec... Read more

    Affected Products : portage
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294740 Results