Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2015-7271

    Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue in racadm getsystinfo.... Read more

    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2015-7270

    Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows directory traversal.... Read more

    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2015-7265

    Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks.... Read more

    Affected Products : proxygen
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2015-7264

    The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks.... Read more

    Affected Products : proxygen
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2015-7263

    The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value.... Read more

    Affected Products : proxygen
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2015-7260

    Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain privileges by replacing the LiebertM executable file.... Read more

    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2015-6035

    Opsview before 2015-11-06 has XSS via SNMP.... Read more

    Affected Products : opsview
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2015-6028

    Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter.... Read more

    Affected Products : snmpc
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2015-6027

    Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP.... Read more

    Affected Products : snmpc
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2015-6021

    Spiceworks Desktop before 2015-12-01 has XSS via an SNMP response.... Read more

    Affected Products : desktop
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2015-2889

    Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to gain privileges via manual entry of a Settings URL.... Read more

    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2015-2888

    Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass authentication, related to the MySnapCam web service.... Read more

    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-2887

    iBaby M3S has a password of admin for the backdoor admin account.... Read more

    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2015-2886

    iBaby M6 allows remote attackers to obtain sensitive information, related to the ibabycloud.com service.... Read more

    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-2885

    Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account.... Read more

    Affected Products : peek-a-view_firmware peek-a-view
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2015-2884

    Philips In.Sight B120/37 allows remote attackers to obtain sensitive information via a direct request, related to yoics.net URLs, stream.m3u8 URIs, and cam_service_enable.cgi.... Read more

    Affected Products : in.sight_b120\\37
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2015-2883

    Philips In.Sight B120/37 has XSS, related to the Weaved cloud web service, as demonstrated by the name parameter to deviceSettings.php or shareDevice.php.... Read more

    Affected Products : in.sight_b120\\37
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-2882

    Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of /ADMIN/ for the backdoor admin account, a password of merlin for the backdoor mg3500 account, a password of M100-4674448 for the backdoor user account, and a ... Read more

    Affected Products : in.sight_b120\\37
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-2881

    Gynoii has a password of guest for the backdoor guest account and a password of 12345 for the backdoor admin account.... Read more

    Affected Products : gcw-1010 gcw-1020 gpw-1025
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 9.0

    HIGH
    CVE-2015-2880

    TRENDnet WiFi Baby Cam TV-IP743SIC has a password of admin for the backdoor root account.... Read more

    Affected Products : tv-ip743sic
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293680 Results