Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

5.4

MEDIUM

CVE-2016-2986

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 6.x before 6.0.1 iFix6, Rational Quality Manager 6.x before 6.0.1 iFix6, Rational Team Concert 6.x before 6.0.1 iFix6, Rational DOORS Next Generation 6.x before 6....

Affected Products : rational_doors_next_generation rational_engineering_lifecycle_manager rational_quality_manager rational_rhapsody_design_manager rational_team_concert
Published: Nov. 25, 2016

Modified: Apr. 12, 2025
7.0

HIGH

CVE-2016-2985

IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid...

Affected Products : spectrum_scale general_parallel_file_system
Published: Nov. 25, 2016

Modified: Apr. 12, 2025
7.0

HIGH

CVE-2016-2984

IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setu...

Affected Products : spectrum_scale general_parallel_file_system
Published: Nov. 25, 2016

Modified: Apr. 12, 2025
4.0

MEDIUM

CVE-2016-2947

IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Team Concert 4.0 ...

Affected Products : rational_doors_next_generation rational_collaborative_lifecycle_management rational_engineering_lifecycle_manager rational_quality_manager rational_rhapsody_design_manager rational_software_architect_design_manager rational_team_concert
Published: Nov. 25, 2016

Modified: Apr. 12, 2025
6.5

MEDIUM

CVE-2016-2996

IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when Virtual Appliance is used, allows remote authenticated users to append to arbitrary files via unspecified vectors....

Affected Products : security_privileged_identity_manager
Published: Nov. 24, 2016

Modified: Apr. 12, 2025
5.4

MEDIUM

CVE-2016-2864

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7...

Affected Products : rational_doors_next_generation rational_collaborative_lifecycle_management rational_engineering_lifecycle_manager rational_quality_manager rational_rhapsody_design_manager rational_software_architect_design_manager rational_team_concert
Published: Nov. 24, 2016

Modified: Apr. 12, 2025
4.3

MEDIUM

CVE-2016-0378

IBM WebSphere Application Server (WAS) Liberty before 16.0.0.3, when the installation lacks a default error page, allows remote attackers to obtain sensitive information by triggering an exception....

Affected Products : websphere_application_server
Published: Nov. 24, 2016

Modified: Apr. 12, 2025
4.3

MEDIUM

CVE-2016-0372

IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 be...

Affected Products : rational_doors_next_generation rational_collaborative_lifecycle_management rational_engineering_lifecycle_manager rational_quality_manager rational_rhapsody_design_manager rational_software_architect_design_manager rational_team_concert
Published: Nov. 24, 2016

Modified: Apr. 12, 2025
4.3

MEDIUM

CVE-2016-0353

IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when Virtual Appliance is used, does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its t...

Affected Products : security_privileged_identity_manager
Published: Nov. 24, 2016

Modified: Apr. 12, 2025
7.5

HIGH

CVE-2016-0325

IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 be...

Affected Products : rational_team_concert
Published: Nov. 24, 2016

Modified: Apr. 12, 2025
5.4

MEDIUM

CVE-2016-0285

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7...

Affected Products : rational_team_concert
Published: Nov. 24, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2016-0284

The XML parser in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 ...

Affected Products : rational_doors_next_generation rational_collaborative_lifecycle_management rational_engineering_lifecycle_manager rational_quality_manager rational_rhapsody_design_manager rational_software_architect_design_manager rational_team_concert
Published: Nov. 24, 2016

Modified: Apr. 12, 2025
5.4

MEDIUM

CVE-2016-0282

Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 FP6 IF2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYHAAHNUS....

Affected Products : lotus_inotes
Published: Nov. 24, 2016

Modified: Apr. 12, 2025
5.4

MEDIUM

CVE-2016-0273

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7...

Affected Products : rational_doors_next_generation rational_collaborative_lifecycle_management rational_engineering_lifecycle_manager rational_quality_manager rational_rhapsody_design_manager rational_software_architect_design_manager rational_team_concert
Published: Nov. 24, 2016

Modified: Apr. 12, 2025
2.9

LOW

CVE-2015-4961

IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108 FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224 FP3 does not encrypt connections betwee...

Affected Products : tealeaf_customer_experience
Published: Nov. 24, 2016

Modified: Apr. 12, 2025
7.8

HIGH

CVE-2016-1248

vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened....

Affected Products : debian_linux vim
Published: Nov. 23, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2016-9567

The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. This can be exploited via a crafted application to eavesdrop after phon...

Affected Products : samsung_mobile
Published: Nov. 23, 2016

Modified: Apr. 12, 2025
8.8

HIGH

CVE-2016-8673

A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (A...

Affected Products : simatic_cp_443-1_firmware simatic_cp_343-1_firmware simatic_s7_300_cpu_firmware simatic_s7_400_cpu_firmware simatic_cp_443-1 simatic_cp_343-1 simatic_s7_300_cpu simatic_s7_400_cpu
Published: Nov. 23, 2016

Modified: Apr. 12, 2025
5.3

MEDIUM

CVE-2016-8672

A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (A...

Affected Products : simatic_cp_443-1_firmware simatic_cp_343-1_firmware simatic_s7_300_cpu_firmware simatic_s7_400_cpu_firmware simatic_cp_443-1 simatic_cp_343-1 simatic_s7_300_cpu simatic_s7_400_cpu
Published: Nov. 23, 2016

Modified: Apr. 12, 2025
6.5

MEDIUM

CVE-2016-9563

BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909....

Affected Products : netweaver_application_server_java netweaver
Actively Exploited

Published: Nov. 23, 2016

Modified: Apr. 12, 2025

Showing 20 of 292802 Results

Browse by Apps

Latest CVE Feed

5.4

7.0

7.0

4.0

6.5

5.4

4.3

4.3

4.3

7.5

5.4

5.5

5.4

5.4

2.9

7.8

5.5

8.8

5.3

6.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable