Latest CVE Feed
- CVE-2016-9539 (9.8 CRITICAL)
  tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092.
  - Affected Products: libtiff
  - EPSS Score: 0.42%
  - Published: Nov. 22, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-9538 (9.8 CRITICAL)
  tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow. Reported as MSVR 35100.
  - Affected Products: libtiff
  - EPSS Score: 0.42%
  - Published: Nov. 22, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-9537 (9.8 CRITICAL)
  tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers. Reported as MSVR 35093, MSVR 35096, and MSVR 35097.
  - Affected Products: libtiff
  - EPSS Score: 0.42%
  - Published: Nov. 22, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-9536 (9.8 CRITICAL)
  tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka "t2p_process_jpeg_strip heap-buffer-overflow."
  - Affected Products: libtiff
  - EPSS Score: 0.42%
  - Published: Nov. 22, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-9535 (9.8 CRITICAL)
  tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predicto...
  - Affected Products: libtiff
  - EPSS Score: 0.78%
  - Published: Nov. 22, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-9534 (9.8 CRITICAL)
  tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. Reported as MSVR 35095, aka "TIFFFlushData1 heap-buffer-overflow."
  - Affected Products: libtiff
  - EPSS Score: 0.45%
  - Published: Nov. 22, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-9533 (9.8 CRITICAL)
  tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094, aka "PixarLog horizontalDifference heap-buffer-overflow."
  - Affected Products: libtiff
  - EPSS Score: 0.39%
  - Published: Nov. 22, 2016
  - Modified: Apr. 12, 2025
- CVE-2015-8978 (7.5 HIGH)
  In Soap Lite (aka the SOAP::Lite extension for Perl) 1.14 and earlier, an example attack consists of defining 10 or more XML entities, each defined as consisting of 10 of the previous entity, with the document consisting of a single instance of the larges...
  - EPSS Score: 0.69%
  - Published: Nov. 22, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-9155 (9.8 CRITICAL)
  The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, CFMW3025 prior to version 1.41_SP18_S1; CCPW3025, CCPW5025 prior to version 0.1.73_S1; CCMD3025-DN18 prior to version v1.394_S1; CCID1445-DN18, CCID1445-DN28, CCID1145-DN36, CFIS1425, C...
  - EPSS Score: 0.92%
  - Published: Nov. 22, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-9151 (7.8 HIGH)
  Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows local users to gain privileges via crafted values of unspecified environment variables.
  - Affected Products: pan-os
  - EPSS Score: 0.35%
  - Published: Nov. 19, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-9150 (10.0 HIGH)
  Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows remote attackers to execute arbitrary code via un...
  - Affected Products: pan-os
  - EPSS Score: 51.60%
  - Published: Nov. 19, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-9149 (6.5 MEDIUM)
  The Addresses Object parser in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 mishandles single quote characters, which allows remote authenticated users ...
  - Affected Products: pan-os
  - EPSS Score: 0.24%
  - Published: Nov. 19, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-6472 (6.1 MEDIUM)
  A vulnerability in several parameters of the ccmivr page of Cisco Unified Communication Manager (CallManager) could allow an unauthenticated, remote attacker to launch a cross-site scripting (XSS) attack against a user of the web interface on the affected...
  - Affected Products: unified_communications_manager
  - EPSS Score: 0.32%
  - Published: Nov. 19, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-6466 (7.5 HIGH)
  A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) ...
  - EPSS Score: 0.78%
  - Published: Nov. 19, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-6463 (5.3 MEDIUM)
  A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass Advanced Malware Protection (AMP) filters that are configured for an affected devi...
  - Affected Products: email_security_appliance_firmware
  - EPSS Score: 0.19%
  - Published: Nov. 19, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-6462 (5.3 MEDIUM)
  A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass Advanced Malware Protection (AMP) filters that are configured for an affected devi...
  - Affected Products: email_security_appliance_firmware
  - EPSS Score: 0.18%
  - Published: Nov. 19, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-6461 (5.9 MEDIUM)
  A vulnerability in the HTTP web-based management interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to inject arbitrary XML commands on the affected system. More Information: CSCva38556. Known Affected...
  - EPSS Score: 0.34%
  - Published: Nov. 19, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-6460 (7.5 HIGH)
  A vulnerability in the FTP Representational State Transfer Application Programming Interface (REST API) for Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass FTP malware detection rules and download malware over an ...
  - Affected Products: firesight_system_software
  - EPSS Score: 0.23%
  - Published: Nov. 19, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-6459 (5.5 MEDIUM)
  Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. More Information: CSCvb25010. Known Affected Releases: 8.1.x. Known Fixed R...
  - Affected Products: telepresence_tc_software
  - EPSS Score: 0.59%
  - Published: Nov. 19, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-6458 (7.5 HIGH)
  A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass content filters configured on an affected device. Email that should have been fi...
  - Affected Products: email_security_appliance_firmware
  - EPSS Score: 0.22%
  - Published: Nov. 19, 2016
  - Modified: Apr. 12, 2025