Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2016-6372

    A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthentica... Read more

    • EPSS Score: %0.27
    • Published: Oct. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-6360

    A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to the AMP process un... Read more

    • EPSS Score: %1.36
    • Published: Oct. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-6358

    A vulnerability in local FTP to the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition when the FTP application unexpectedly quits. More Information: CSCux68539. Known ... Read more

    Affected Products : email_security_appliance
    • EPSS Score: %1.03
    • Published: Oct. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-6357

    A vulnerability in the configured security policies, including drop email filtering, in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass a configured drop filter by using an email with a corr... Read more

    Affected Products : email_security_appliance
    • EPSS Score: %0.22
    • Published: Oct. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-6356

    A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial... Read more

    Affected Products : email_security_appliance
    • EPSS Score: %0.76
    • Published: Oct. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-1486

    A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to st... Read more

    Affected Products : email_security_appliance
    • EPSS Score: %0.76
    • Published: Oct. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-1481

    A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.Affected Products: This... Read more

    Affected Products : email_security_appliance
    • EPSS Score: %0.76
    • Published: Oct. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-1480

    A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user fil... Read more

    Affected Products : email_security_appliance
    • EPSS Score: %0.27
    • Published: Oct. 28, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1423

    A vulnerability in the display of email messages in the Messages in Quarantine (MIQ) view in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a user to click a malicious link in the MIQ view. ... Read more

    Affected Products : email_security_appliance
    • EPSS Score: %0.54
    • Published: Oct. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-6446

    A vulnerability in Web Bridge for Cisco Meeting Server could allow an unauthenticated, remote attacker to retrieve memory from a connected server. More Information: CSCvb03308. Known Affected Releases: 1.8, 1.9, 2.0.... Read more

    Affected Products : meeting_server
    • EPSS Score: %0.48
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 9.1

    CRITICAL
    CVE-2016-6445

    A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6 could allow an unauthenticated, remote attacker to masquerade as a legiti... Read more

    Affected Products : meeting_server
    • EPSS Score: %0.77
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-6444

    A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a Web Bridge user. More Information: CSCvb03308. Known Affected Releases: 1.8, 1.9, 2.0.... Read more

    Affected Products : meeting_server
    • EPSS Score: %0.19
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-6443

    A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause ... Read more

    • EPSS Score: %1.87
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-6442

    A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. More Information: CSCvb57213. Known Affecte... Read more

    Affected Products : finesse
    • EPSS Score: %0.20
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-6440

    The Cisco Unified Communications Manager (CUCM) may be vulnerable to data that can be displayed inside an iframe within a web page, which in turn could lead to a clickjacking attack. More Information: CSCuz64683 CSCuz64698. Known Affected Releases: 11.0(1... Read more

    Affected Products : unified_communications_manager
    • EPSS Score: %0.29
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-6439

    A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarti... Read more

    • EPSS Score: %0.14
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 5.9

    MEDIUM
    CVE-2016-6438

    A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line configuration on an affected device. This vulnerability a... Read more

    Affected Products : ios_xe ios_xe
    • EPSS Score: %0.37
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 7.1

    HIGH
    CVE-2016-6437

    A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a per... Read more

    Affected Products : wide_area_application_services
    • EPSS Score: %0.71
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6432

    A vulnerability in the Identity Firewall feature of Cisco ASA Software before 9.6(2.1) could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in t... Read more

    • EPSS Score: %4.74
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-6431

    A vulnerability in the local Certificate Authority (CA) feature of Cisco ASA Software before 9.6(1.5) could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper handling of crafted packet... Read more

    • EPSS Score: %0.17
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291783 Results