Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2016-3106

    Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner.... Read more

    Affected Products : pulp
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2016-2555

    SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.... Read more

    Affected Products : atutor
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2016-2104

    Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via (1) the label parameter to admin/BunchDetail.do; (2) the package_name, (3) search_subscribed_channels, or (4) chan... Read more

    Affected Products : satellite satellite
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2016-1915

    Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to inject arbitrary web script or HTML via the locale parameter to (1) mydevice/index.jsp or (2) mydevice/logged... Read more

    Affected Products : blackberry_enterprise_service
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2016-1914

    Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevi... Read more

    Affected Products : blackberry_enterprise_service
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2016-1132

    Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify SSL certificates.... Read more

    Affected Products : shoplat
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2016-10123

    Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges.... Read more

    Affected Products : firejail
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2016-10122

    Firejail does not properly clean environment variables, which allows local users to gain privileges.... Read more

    Affected Products : firejail
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2016-10121

    Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.... Read more

    Affected Products : firejail
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2016-10120

    Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.... Read more

    Affected Products : firejail
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2016-10119

    Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.... Read more

    Affected Products : firejail
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2016-10118

    Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.... Read more

    Affected Products : firejail
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2016-10117

    Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.... Read more

    Affected Products : firejail
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2015-8864

    Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068.... Read more

    Affected Products : leap opensuse webmail roundcube_webmail
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2015-8284

    SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions.... Read more

    Affected Products : spectrum_sdc
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 6.8

    MEDIUM
    CVE-2015-8283

    Directory traversal vulnerability in configure_manage.php in SeaWell Networks Spectrum SDC 02.05.00.... Read more

    Affected Products : spectrum_sdc
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2015-8282

    SeaWell Networks Spectrum SDC 02.05.00 has a default password of "admin" for the "admin" account.... Read more

    Affected Products : spectrum_sdc
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2015-8272

    RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash).... Read more

    Affected Products : rtmpdump
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2015-8271

    The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code.... Read more

    Affected Products : rtmpdump
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2015-8270

    The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and process crash).... Read more

    Affected Products : rtmpdump
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293679 Results