Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2016-5329

    VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors.... Read more

    Affected Products : mac_os_x fusion
    • Published: Dec. 29, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-5328

    VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors.... Read more

    Affected Products : tools mac_os_x
    • Published: Dec. 29, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-2246

    HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspecified vectors.... Read more

    Affected Products : thinpro
    • Published: Dec. 29, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-9806

    Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg s... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-9794

    Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SND... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-9793

    The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecifie... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-9777

    KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted in... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-9756

    arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-9755

    The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application t... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-9685

    Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-9588

    arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-9576

    The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-f... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.0

    HIGH
    CVE-2016-6787

    kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 31095224.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.0

    HIGH
    CVE-2016-6786

    kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 30955111.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2016
    • Modified: Apr. 12, 2025

  • 4.7

    MEDIUM
    CVE-2016-6213

    fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock) via MS_BIND mount system calls, as demonstrated by a lo... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2012-6704

    The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified o... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-10072

    WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly e... Read more

    Affected Products : wampserver
    • Published: Dec. 27, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-10031

    WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privil... Read more

    Affected Products : wampserver
    • Published: Dec. 27, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-9224

    A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts. More Information: CSCvc31635. Known Affected Releases: 10.6(9). Known Fixed Releases: 11.0(0).... Read more

    Affected Products : jabber_guest
    • Published: Dec. 26, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-9223

    A vulnerability in the Docker Engine configuration of Cisco CloudCenter Orchestrator (CCO; formerly CliQr) could allow an unauthenticated, remote attacker to install Docker containers with high privileges on the affected system. Affected Products: This vu... Read more

    Affected Products : cloudcenter_orchestrator
    • Published: Dec. 26, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292802 Results