Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2016-5745

    F5 BIG-IP LTM systems 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF11, 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2 allow remote attackers to modif... Read more

    Affected Products : big-ip_local_traffic_manager
    • EPSS Score: %3.89
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-4551

    The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621.... Read more

    Affected Products : netweaver sap_aba sap_basis
    • EPSS Score: %0.29
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-1246

    Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of service (crash) via vectors related to an error message.... Read more

    Affected Products : debian_linux perl dbd-mysql
    • EPSS Score: %1.14
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-8343

    Directory traversal vulnerability in INDAS Web SCADA before 3 allows remote attackers to read arbitrary files via unspecified vectors.... Read more

    Affected Products : web_scada
    • EPSS Score: %7.94
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2016-6420

    Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467.... Read more

    Affected Products : firesight_system_software
    • EPSS Score: %0.05
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-6419

    SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 through 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCur25485.... Read more

    • EPSS Score: %0.54
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-5983

    IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.11, 9.0 before 9.0.0.2, and Liberty before 16.0.0.4 allows remote authenticated users to execute arbitrary Java code via a crafted serialized object.... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %13.76
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2016-5901

    Cross-site scripting (XSS) vulnerability in a test page in IBM Business Process Manager Advanced 8.5.6.0 through 8.5.7.0 before cumulative fix 2016.09 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : business_process_manager
    • EPSS Score: %0.17
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2016-5892

    Cross-site scripting (XSS) vulnerability in IBM 10x, as used in Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications before 1.0.0.5_2, allows remote authenticated users to inject arbitrary web script or HTML via unspeci... Read more

    • EPSS Score: %0.17
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-5686

    Johnson & Johnson Animas OneTouch Ping devices mishandle acknowledgements, which makes it easier for remote attackers to bypass authentication via a custom communication protocol.... Read more

    • EPSS Score: %3.01
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-5086

    Johnson & Johnson Animas OneTouch Ping devices allow remote attackers to bypass authentication via replay attacks.... Read more

    • EPSS Score: %3.01
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-5085

    Johnson & Johnson Animas OneTouch Ping devices do not properly generate random numbers, which makes it easier for remote attackers to spoof meters by sniffing the network and then engaging in an authentication handshake.... Read more

    • EPSS Score: %3.20
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-5084

    Johnson & Johnson Animas OneTouch Ping devices do not use encryption for certain data, which might allow remote attackers to obtain sensitive information by sniffing the network.... Read more

    • EPSS Score: %1.72
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 8.1

    HIGH
    CVE-2016-4390

    The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4388, and CVE-2016-4389.... Read more

    Affected Products : keyview
    • EPSS Score: %2.02
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 8.1

    HIGH
    CVE-2016-4389

    The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4388, and CVE-2016-4390.... Read more

    Affected Products : keyview
    • EPSS Score: %2.02
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 8.1

    HIGH
    CVE-2016-4388

    The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4389, and CVE-2016-4390.... Read more

    Affected Products : keyview
    • EPSS Score: %2.02
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 8.1

    HIGH
    CVE-2016-4387

    The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4388, CVE-2016-4389, and CVE-2016-4390.... Read more

    Affected Products : keyview
    • EPSS Score: %2.29
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 8.6

    HIGH
    CVE-2016-2308

    American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0 and Aspect-Matrix Building Automation Front-End Solutions application store passwords in cleartext, which allows remote attackers to obtain sensitive inform... Read more

    • EPSS Score: %0.34
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-2307

    American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0 and Aspect-Matrix Building Automation Front-End Solutions application allow remote attackers to read arbitrary files via unspecified vectors, as demonstrate... Read more

    • EPSS Score: %0.29
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025

  • 9.4

    HIGH
    CVE-2014-5415

    Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service... Read more

    Affected Products : twincat embedded_pc_images
    • EPSS Score: %0.79
    • Published: Oct. 05, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291728 Results