Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2016-4749

    Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.06
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2016-4747

    Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.17
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-4746

    The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging an unintended correction.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.46
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 5.9

    MEDIUM
    CVE-2016-4741

    The Assets component in Apple iOS before 10 allows man-in-the-middle attackers to block software updates via vectors related to lack of an HTTPS session for retrieving updates.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.67
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 2.9

    LOW
    CVE-2016-4740

    Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-4719

    The GeoServices component in Apple iOS before 10 and watchOS before 3 does not properly restrict access to PlaceData information, which allows attackers to discover physical locations via a crafted application.... Read more

    Affected Products : iphone_os watchos
    • EPSS Score: %0.23
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-4705

    otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4704.... Read more

    Affected Products : xcode
    • EPSS Score: %0.15
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-4704

    otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4705.... Read more

    Affected Products : xcode
    • EPSS Score: %0.05
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2016-4620

    The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via a crafted app.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.26
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-1433

    Cisco IOS XR 6.0 and 6.0.1 on NCS 6000 devices allows remote attackers to cause a denial of service (OSPFv3 process reload) via crafted OSPFv3 packets, aka Bug ID CSCuz66289.... Read more

    Affected Products : ios_xr
    • EPSS Score: %0.55
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-6643

    Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : vipr_srm
    • EPSS Score: %0.22
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-6642

    Cross-site request forgery (CSRF) vulnerability in EMC ViPR SRM before 3.7.2 allows remote attackers to hijack the authentication of administrators for requests that upload files.... Read more

    Affected Products : vipr_srm
    • EPSS Score: %0.07
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 7.6

    HIGH
    CVE-2016-6641

    Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : vipr_srm
    • EPSS Score: %0.20
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-6639

    Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.38 and 1.7.x before 1.7.19 and other products, place the .profile file in the htdocs d... Read more

    • EPSS Score: %0.61
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-0930

    Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.19 and 1.7.x before 1.7.10, when vCloud or vSphere is used, has a default password for compilation VMs, which allows remote attackers to obtain SSH access by connecting within an installation-time period ... Read more

    Affected Products : operations_manager
    • EPSS Score: %0.34
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-0929

    The metrics-collection component in RabbitMQ for Pivotal Cloud Foundry (PCF) 1.6.x before 1.6.4 logs command lines of failed commands, which might allow context-dependent attackers to obtain sensitive information by reading the log data, as demonstrated b... Read more

    Affected Products : rabbitmq
    • EPSS Score: %0.31
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 7.4

    HIGH
    CVE-2016-0928

    Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.30 and 1.7.x before 1.7.8 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.... Read more

    Affected Products : cloud_foundry_elastic_runtime
    • EPSS Score: %0.22
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-0927

    Cross-site scripting (XSS) vulnerability in Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : cloud_foundry_elastic_runtime
    • EPSS Score: %0.25
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-0926

    Cross-site scripting (XSS) vulnerability in Apps Manager in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.32 and 1.7.x before 1.7.8 allows remote attackers to inject arbitrary web script or HTML via unspecified input that improperly interacts wit... Read more

    Affected Products : cloud_foundry_elastic_runtime
    • EPSS Score: %0.32
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-0923

    The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 places the weakest algorithms first in a signature-algorithm list transmitted to a server, which makes it easier for remote attackers to defeat cryptographic p... Read more

    Affected Products : bsafe rsa_bsafe
    • EPSS Score: %0.58
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291659 Results