Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2016-6427

    Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to hijack the authentication of arbitrary users, a... Read more

    • EPSS Score: %0.13
    • Published: Oct. 06, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-6425

    Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to inject arbitrary web script or HTML via a crafted URL,... Read more

    • EPSS Score: %0.30
    • Published: Oct. 06, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-6424

    The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942.... Read more

    • EPSS Score: %0.68
    • Published: Oct. 06, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-6422

    Cisco IOS 12.2(33)SXJ9 on Supervisor Engine 32 and 720 modules for 6500 and 7600 devices mishandles certain operators, flags, and keywords in TCAM share ACLs, which allows remote attackers to bypass intended access restrictions by sending packets that sho... Read more

    Affected Products : ios
    • EPSS Score: %0.21
    • Published: Oct. 06, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-6027

    The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information or modify da... Read more

    Affected Products : sterling_secure_proxy
    • EPSS Score: %0.24
    • Published: Oct. 06, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-6026

    The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 allows man-in-the-middle attackers to obtain sensitive information via an HTTP method that is neither GET nor POST.... Read more

    Affected Products : sterling_secure_proxy
    • EPSS Score: %0.07
    • Published: Oct. 06, 2016
    • Modified: Apr. 12, 2025

  • 5.9

    MEDIUM
    CVE-2016-6025

    The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 allows remote attackers to obtain access by leveraging an unattended workstation to conduct a post-logoff session-reuse attack involvi... Read more

    Affected Products : sterling_secure_proxy
    • EPSS Score: %0.20
    • Published: Oct. 06, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-6023

    Directory traversal vulnerability in the Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 allows remote attackers to read arbitrary files via a crafted URL.... Read more

    Affected Products : sterling_secure_proxy
    • EPSS Score: %0.22
    • Published: Oct. 06, 2016
    • Modified: Apr. 12, 2025

  • 7.1

    HIGH
    CVE-2016-1454

    Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP... Read more

    • EPSS Score: %1.40
    • Published: Oct. 06, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1453

    Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feature in Cisco NX-OS 5.0 through 7.3 on Nexus 7000 and 7700 devices allows remote attackers to execute arbitrary code via long parameters in a packet header, aka Bug ID CSCuy95701.... Read more

    Affected Products : nx-os nx-os
    • EPSS Score: %26.08
    • Published: Oct. 06, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-6393

    Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via malformed IPv4 DHCP packets to the DHCPv4 relay agent... Read more

    • EPSS Score: %0.99
    • Published: Oct. 06, 2016
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2015-0721

    Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via cra... Read more

    • EPSS Score: %0.14
    • Published: Oct. 06, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-6392

    Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) sm... Read more

    • EPSS Score: %1.34
    • Published: Oct. 06, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-7020

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability... Read more

    • EPSS Score: %3.86
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-6426

    The j_spring_security_switch_user function in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to create user accounts by visiting an unspecified web ... Read more

    • EPSS Score: %0.24
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-6423

    The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M and IOS XE allow remote IKEv2 servers to cause a denial of service (device reload) via crafted IKEv2 packets, aka Bug ID CSCux97540.... Read more

    Affected Products : ios
    • EPSS Score: %0.44
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-6421

    Cisco IOS XR 5.2.2 allows remote attackers to cause a denial of service (process restart) via a crafted OSPF Link State Advertisement (LSA) update, aka Bug ID CSCvb05643.... Read more

    Affected Products : ios_xr
    • EPSS Score: %0.55
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-6393

    The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service (device reload) via a failed SSH connection attempt that is mishandled during generation of an e... Read more

    Affected Products : ios_xe ios
    • EPSS Score: %8.65
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-6391

    Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause a denial of service (traffic-processing outage) via a crafted series of Common Industrial Protocol (CIP) requests, aka Bug ID CSCur69036.... Read more

    Affected Products : ios
    • EPSS Score: %0.74
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-6385

    Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367.... Read more

    Affected Products : ios_xe ios
    • EPSS Score: %3.57
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291728 Results