Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.8

    MEDIUM
    CVE-2016-1000121

    XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension... Read more

    Affected Products : slider
    • EPSS Score: %0.30
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2016-1000120

    SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla... Read more

    Affected Products : catalog
    • EPSS Score: %0.90
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-5764

    Micro Focus Rumba FTP 4.X client buffer overflow makes it possible to corrupt the stack and allow arbitrary code execution. Fixed in: Rumba FTP 4.5 (HF 14668). This can only occur if a client connects to a malicious server.... Read more

    Affected Products : rumba_ftp
    • EPSS Score: %9.23
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2016-1598

    XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages.... Read more

    • EPSS Score: %0.27
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1592

    XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the nrfEntitlementReport.do CGI.... Read more

    Affected Products : identity_manager
    • EPSS Score: %0.23
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2015-0787

    XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the accessMgrDN value of the forgotUser.do CGI.... Read more

    Affected Products : identity_manager
    • EPSS Score: %0.23
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-8506

    XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.... Read more

    Affected Products : yandex_browser
    • EPSS Score: %0.23
    • Published: Oct. 26, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-8505

    XSS in Yandex Browser BookReader in Yandex browser for desktop for versions before 16.6. could be used by remote attacker for evaluation arbitrary javascript code.... Read more

    Affected Products : yandex_browser yandex.browser
    • EPSS Score: %0.23
    • Published: Oct. 26, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2016-8504

    CSRF of synchronization form in Yandex Browser for desktop before version 16.6 could be used by remote attacker to steal saved data in browser profile.... Read more

    Affected Products : yandex_browser
    • EPSS Score: %0.09
    • Published: Oct. 26, 2016
    • Modified: Apr. 12, 2025

  • 7.3

    HIGH
    CVE-2016-8503

    Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 16.7 to 16.9 could be used by remote attacker for brute-forcing passwords from important web-resource with special JavaScript.... Read more

    Affected Products : yandex_browser
    • EPSS Score: %0.19
    • Published: Oct. 26, 2016
    • Modified: Apr. 12, 2025

  • 7.3

    HIGH
    CVE-2016-8502

    Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 15.12.0 to 16.2 could be used by remote attacker for brute-forcing passwords from important web-resource with special JavaScript.... Read more

    Affected Products : yandex_browser
    • EPSS Score: %0.19
    • Published: Oct. 26, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-8501

    Security WiFi bypass in Yandex Browser from version 15.10 to 15.12 allows remote attacker to sniff traffic in open or WEP-protected wi-fi networks despite of special security mechanism is enabled.... Read more

    Affected Products : yandex_browser
    • EPSS Score: %0.15
    • Published: Oct. 26, 2016
    • Modified: Apr. 12, 2025

  • 7.6

    HIGH
    CVE-2016-8296

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to LDAP.... Read more

    Affected Products : peoplesoft_enterprise_peopletools
    • EPSS Score: %0.18
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2016-8295

    Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via unknown vectors.... Read more

    • EPSS Score: %0.19
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2016-8294

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors.... Read more

    Affected Products : peoplesoft_enterprise_peopletools
    • EPSS Score: %0.19
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 8.2

    HIGH
    CVE-2016-8293

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Integration Broker, a different vulnerability t... Read more

    Affected Products : peoplesoft_enterprise_peopletools
    • EPSS Score: %0.30
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 5.8

    MEDIUM
    CVE-2016-8292

    Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to Talent Acquisition Manager.... Read more

    • EPSS Score: %0.18
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 8.2

    HIGH
    CVE-2016-8291

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Mobile Application Platform.... Read more

    Affected Products : peoplesoft_enterprise_peopletools
    • EPSS Score: %0.32
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 4.4

    MEDIUM
    CVE-2016-8290

    Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-5633.... Read more

    Affected Products : mysql
    • EPSS Score: %0.43
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 4.7

    MEDIUM
    CVE-2016-8289

    Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB.... Read more

    Affected Products : mysql
    • EPSS Score: %0.12
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291782 Results