Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2016-5425

    The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging members... Read more

    • EPSS Score: %14.47
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-4407

    The DSA algorithm implementation in SAP SAPCRYPTOLIB 5.555.38 does not properly check signatures, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors, aka SAP Security Note 2223008.... Read more

    Affected Products : sapcryptolib
    • EPSS Score: %0.16
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-3946

    SAP Console (aka SAPConsole) 7.30 allows local users to discover SAP Server login credentials by reading the Windows registry, aka SAP Security Note 2121461.... Read more

    Affected Products : sapconsole
    • EPSS Score: %0.05
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-3638

    SAP SLD Registration Program (aka SLDREG) allows local users to cause a denial of service (memory corruption and process termination) via a crafted HOST parameter, aka SAP Security Note 2125623.... Read more

    Affected Products : sld_registration
    • EPSS Score: %0.08
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-3635

    SAP Netweaver 7.4 allows remote authenticated users to bypass an intended Unified Connectivity (UCON) access control list and execute arbitrary Remote Function Modules (RFM) by leveraging a connection created from earlier execution of an anonymous RFM inc... Read more

    Affected Products : netweaver
    • EPSS Score: %0.59
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.1

    CRITICAL
    CVE-2016-8565

    Siemens Automation License Manager (ALM) before 5.3 SP3 allows remote attackers to write to files, rename files, create directories, or delete directories via crafted packets.... Read more

    Affected Products : automation_license_manager
    • EPSS Score: %0.97
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-8564

    SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to execute arbitrary SQL commands via crafted traffic to TCP port 4410.... Read more

    Affected Products : automation_license_manager
    • EPSS Score: %0.23
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-8563

    Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to cause a denial of service (ALM service outage) via crafted packets to TCP port 4410.... Read more

    Affected Products : automation_license_manager
    • EPSS Score: %1.00
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2016-7960

    Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors.... Read more

    Affected Products : simatic_step_7
    • EPSS Score: %0.09
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 4.7

    MEDIUM
    CVE-2016-7959

    Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack.... Read more

    Affected Products : simatic_step_7
    • EPSS Score: %0.06
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2016-1000216

    Ruckus Wireless H500 web management interface authenticated command injection... Read more

    Affected Products : wireless_h500
    • EPSS Score: %20.21
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000155

    Reflected XSS in wordpress plugin wpsolr-search-engine v7.6... Read more

    Affected Products : wpsolr-search-engine
    • EPSS Score: %2.16
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000154

    Reflected XSS in wordpress plugin whizz v1.0.7... Read more

    Affected Products : whizz
    • EPSS Score: %8.65
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000153

    Reflected XSS in wordpress plugin tidio-gallery v1.1... Read more

    Affected Products : tidio-gallery
    • EPSS Score: %4.57
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000152

    Reflected XSS in wordpress plugin tidio-form v1.0... Read more

    Affected Products : tidio-form
    • EPSS Score: %8.65
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000151

    Reflected XSS in wordpress plugin tera-charts v1.0... Read more

    Affected Products : tera-charts
    • EPSS Score: %1.34
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000150

    Reflected XSS in wordpress plugin simplified-content v1.0.0... Read more

    Affected Products : simplified-content
    • EPSS Score: %0.99
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000149

    Reflected XSS in wordpress plugin simpel-reserveren v3.5.2... Read more

    Affected Products : simpel-reserveren
    • EPSS Score: %7.52
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000148

    Reflected XSS in wordpress plugin s3-video v0.983... Read more

    Affected Products : s3_video s3-video
    • EPSS Score: %9.35
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000147

    Reflected XSS in wordpress plugin recipes-writer v1.0.4... Read more

    Affected Products : recipes-writer
    • EPSS Score: %1.34
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291728 Results