Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2016-6452

    A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. Cisco Prime Home versions 5.1.1.6 an... Read more

    Affected Products : prime_home
    • EPSS Score: %3.92
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-6451

    Multiple vulnerabilities in the web framework code of the Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. M... Read more

    Affected Products : prime_collaboration_provisioning
    • EPSS Score: %0.49
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-6448

    A vulnerability in the Session Description Protocol (SDP) parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Serv... Read more

    Affected Products : meeting_server
    • EPSS Score: %7.59
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-6447

    A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to 2.0.1, Acano... Read more

    Affected Products : meeting_server meeting_app
    • EPSS Score: %7.59
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-6441

    A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. This vulnerability affects Cisco ASR 900 Serie... Read more

    Affected Products : ios_xe ios_xe
    • EPSS Score: %3.45
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-6430

    A vulnerability in the command-line interface of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an authenticated, local attacker to elevate the privilege level associated with their session. More Information: CSCva38636. Known ... Read more

    • EPSS Score: %0.06
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-6429

    A vulnerability in the web framework code of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. More Information: CSCva47092. Known Affected Releas... Read more

    • EPSS Score: %0.27
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-9136

    Artifex Software, Inc. MuJS before a0ceaf5050faf419401fe1b83acfa950ec8a8a89 allows context-dependent attackers to obtain sensitive information by using the "crafted JavaScript" approach, related to a "Buffer Over-read" issue.... Read more

    Affected Products : mujs
    • EPSS Score: %0.24
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-9135

    Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/framework/modules/help/controllers/helpController.php" affecting the version parameter. Impact is Information Disclosure.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.53
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-9134

    Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/expPaginator.php" affecting the order parameter. Impact is Information Disclosure.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.95
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-9086

    GitLab versions 8.9.x and above contain a critical security flaw in the "import/export project" feature of GitLab. Added in GitLab 8.9, this feature allows a user to export and then re-import their projects as tape archive files (tar). All GitLab versions... Read more

    Affected Products : gitlab
    • EPSS Score: %13.49
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-7453

    The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.53
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-7452

    The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %1.06
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-7402

    SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa (system administrator) via dbcc import_sproc SQL injection.... Read more

    • EPSS Score: %0.25
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-7160

    A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248.... Read more

    Affected Products : samsung_mobile
    • EPSS Score: %0.44
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-7095

    Exponent CMS before 2.3.9 is vulnerable to an attacker uploading a malicious script file using redirection to place the script in an unprotected folder, one allowing script execution.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %1.20
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-4025

    Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.... Read more

    • EPSS Score: %0.06
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-8969

    git-fastclone before 1.0.5 passes user modifiable strings directly to a shell command. An attacker can execute malicious commands by modifying the strings that are passed as arguments to "cd " and "git clone " commands in the library.... Read more

    Affected Products : git-fastclone git-fastclone
    • EPSS Score: %2.49
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-8968

    git-fastclone before 1.0.1 permits arbitrary shell command execution from .gitmodules. If an attacker can instruct a user to run a recursive clone from a repository they control, they can get a client to run an arbitrary shell command. Alternately, if an ... Read more

    Affected Products : git-fastclone git-fastclone
    • EPSS Score: %2.90
    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-8864

    named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive quer... Read more

    • EPSS Score: %43.01
    • Published: Nov. 02, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292495 Results