Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2016-1000135

    Reflected XSS in wordpress plugin hdw-tube v1.2... Read more

    Affected Products : hdw-tube
    • EPSS Score: %2.16
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000134

    Reflected XSS in wordpress plugin hdw-tube v1.2... Read more

    Affected Products : hdw-tube
    • EPSS Score: %2.16
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000133

    Reflected XSS in wordpress plugin forget-about-shortcode-buttons v1.1.1... Read more

    Affected Products : forget_about_shortcode_buttons
    • EPSS Score: %3.00
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000132

    Reflected XSS in wordpress plugin enhanced-tooltipglossary v3.2.8... Read more

    Affected Products : tooltip_glossary
    • EPSS Score: %2.42
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000131

    Reflected XSS in wordpress plugin e-search v1.0... Read more

    Affected Products : e-search esearch
    • EPSS Score: %2.16
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000130

    Reflected XSS in wordpress plugin e-search v1.0... Read more

    Affected Products : e-search
    • EPSS Score: %1.67
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000129

    Reflected XSS in wordpress plugin defa-online-image-protector v3.3... Read more

    Affected Products : defa-online-image-protector
    • EPSS Score: %2.77
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000128

    Reflected XSS in wordpress plugin anti-plagiarism v3.60... Read more

    Affected Products : anti-plagiarism
    • EPSS Score: %2.93
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000127

    Reflected XSS in wordpress plugin ajax-random-post v2.00... Read more

    Affected Products : ajax-random-post
    • EPSS Score: %2.77
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000126

    Reflected XSS in wordpress plugin admin-font-editor v1.8... Read more

    Affected Products : admin-font-editor
    • EPSS Score: %2.77
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-8101

    The updater subsystem in Intel SSD Toolbox before 3.3.7 allows local users to gain privileges via unspecified vectors.... Read more

    Affected Products : solid-state_drive_toolbox
    • EPSS Score: %0.04
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-8100

    Intel Integrated Performance Primitives (aka IPP) Cryptography before 9.0.4 makes it easier for local users to discover RSA private keys via a side-channel attack.... Read more

    Affected Products : integrated_performance_primitives
    • EPSS Score: %0.06
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 4.4

    MEDIUM
    CVE-2016-7423

    The mptsas_process_scsi_io_request function in QEMU (aka Quick Emulator), when built with LSI SAS1068 Host Bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors in... Read more

    Affected Products : qemu
    • EPSS Score: %0.15
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.9

    MEDIUM
    CVE-2016-7099

    The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certificates, which allows man-in-the-middle attackers to spoof... Read more

    Affected Products : node.js linux_enterprise
    • EPSS Score: %0.70
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-5325

    CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitt... Read more

    Affected Products : node.js linux_enterprise
    • EPSS Score: %0.33
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-7117

    Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.... Read more

    Affected Products : linux_kernel ubuntu_linux debian_linux
    • EPSS Score: %4.79
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-6696

    sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a large negative value for the data length, aka Qualcomm inter... Read more

    Affected Products : android
    • EPSS Score: %0.22
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-6695

    sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted visualizer data length, aka Qualcomm internal bug CR... Read more

    Affected Products : android
    • EPSS Score: %0.25
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-6694

    sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via crafted parameter data, aka Qualcomm internal bug CR 1033525.... Read more

    Affected Products : android
    • EPSS Score: %0.22
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-6693

    sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via an invalid data length, aka Qualcomm internal bug CR 1027585.... Read more

    Affected Products : android
    • EPSS Score: %0.22
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291737 Results