Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.5

HIGH

CVE-2015-8930

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself....

Affected Products : ubuntu_linux linux_enterprise_server linux_enterprise_desktop linux_enterprise_software_development_kit libarchive
EPSS Score: %4.80

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2015-8929

Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file....

Affected Products : linux_enterprise_server linux_enterprise_desktop linux_enterprise_software_development_kit libarchive
EPSS Score: %0.27

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2015-8928

The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file....

Affected Products : ubuntu_linux linux_enterprise_server linux_enterprise_desktop linux_enterprise_software_development_kit libarchive
EPSS Score: %0.30

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2015-8927

The trad_enc_decrypt_update function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted zip file, related to reading the password....

Affected Products : libarchive
EPSS Score: %0.22

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2015-8926

The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive....

Affected Products : ubuntu_linux linux_enterprise_server linux_enterprise_desktop linux_enterprise_software_development_kit libarchive
EPSS Score: %0.41

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2015-8925

The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing....

Affected Products : ubuntu_linux linux_enterprise_server linux_enterprise_desktop linux_enterprise_software_development_kit libarchive
EPSS Score: %0.51

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2015-8924

The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file....

Affected Products : ubuntu_linux libarchive suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit
EPSS Score: %0.33

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
6.5

MEDIUM

CVE-2015-8923

The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file....

Affected Products : ubuntu_linux libarchive suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit
EPSS Score: %2.19

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2015-8922

The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct....

Affected Products : ubuntu_linux linux libarchive suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit
EPSS Score: %0.37

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
7.5

HIGH

CVE-2015-8921

The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file....

Affected Products : ubuntu_linux libarchive suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit
EPSS Score: %3.66

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2015-8920

The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file....

Affected Products : ubuntu_linux libarchive suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit
EPSS Score: %0.50

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
7.5

HIGH

CVE-2015-8919

The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file....

Affected Products : ubuntu_linux libarchive suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit
EPSS Score: %6.37

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
7.5

HIGH

CVE-2015-8918

The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."...

Affected Products : libarchive suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit
EPSS Score: %2.04

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
7.5

HIGH

CVE-2015-8917

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file....

Affected Products : ubuntu_linux debian_linux libarchive
EPSS Score: %5.59

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
6.5

MEDIUM

CVE-2015-8916

bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file...

Affected Products : ubuntu_linux debian_linux libarchive
EPSS Score: %0.90

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2015-8915

bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read and crash) via crafted cpio file....

Affected Products : libarchive
EPSS Score: %0.44

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
7.5

HIGH

CVE-2016-6537

AVer Information EH6108H+ devices with firmware X9.03.24.00.07l store passwords in a cleartext base64 format and require cleartext credentials in HTTP Cookie headers, which allows context-dependent attacks to obtain sensitive information by reading these ...

Affected Products : eh6108h\+_firmware eh6108h\+
EPSS Score: %0.23

Published: Sep. 19, 2016

Modified: Apr. 12, 2025
10.0

HIGH

CVE-2016-6536

The /setup URI on AVer Information EH6108H+ devices with firmware X9.03.24.00.07l allows remote attackers to bypass intended page-access restrictions or modify passwords by leveraging knowledge of a handle parameter value....

Affected Products : eh6108h\+_firmware eh6108h\+
EPSS Score: %0.80

Published: Sep. 19, 2016

Modified: Apr. 12, 2025
10.0

HIGH

CVE-2016-6535

AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which allows remote attackers to obtain root access by leveraging knowledge of the credentials and establishing a TELNET session....

Affected Products : eh6108h\+_firmware eh6108h\+
EPSS Score: %0.73

Published: Sep. 19, 2016

Modified: Apr. 12, 2025
7.5

HIGH

CVE-2016-6415

The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security ...

Affected Products : ios_xe ios ios_xr
Actively Exploited

EPSS Score: %92.95

Published: Sep. 19, 2016

Modified: Apr. 12, 2025

Showing 20 of 291728 Results

Latest CVE Feed

7.5

5.5

5.5

5.5

5.5

5.5

5.5

6.5

5.5

7.5

5.5

7.5

7.5

7.5

6.5

5.5

7.5

10.0

10.0

7.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable