Latest CVE Feed

The following is a list of the most recently published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, listed in the CISA KEV catalog), or by whether it is remotely exploitable. You can also sort the list by published date, last-updated date, or CVSS score.
  • 6.5

    MEDIUM
    CVE-2016-5404

    The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission.

    Affected Products : fedora linux freeipa
    • EPSS Score: 0.66%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2015-8948

    idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read.

    Affected Products : ubuntu_linux leap opensuse libidn
    • EPSS Score: 2.61%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-7110

    Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7109.

    Affected Products : uma
    • EPSS Score: 1.75%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-7109

    Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7110.

    Affected Products : uma
    • EPSS Score: 1.14%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 6.5

    MEDIUM
    CVE-2016-7108

    Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote authenticated users to obtain the MD5 hashes of arbitrary user passwords via unspecified vectors.

    Affected Products : uma
    • EPSS Score: 0.17%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2016-7107

    Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote attackers to reset arbitrary user passwords and consequently affect system data integrity via unspecified vectors.

    Affected Products : uma
    • EPSS Score: 0.16%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 5.5

    MEDIUM
    CVE-2016-6900

    The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613; RH2288 V3 servers with software before V100R003C00SPC617; RH2288H V3 servers with software before V100R003C00SPC515; RH5885 V3 serve...

    • EPSS Score: 0.06%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2016-6899

    The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, RH2288H V3 servers with software before V100R003C00SPC515, RH5885 V3 serve...

    • EPSS Score: 0.12%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 6.6

    MEDIUM
    CVE-2016-6898

    XML external entity (XXE) vulnerability in the Hyper Management Module (HMM) in Huawei E9000 rack servers with software before V100R001C00SPC296 allows remote authenticated users to read arbitrary files or cause a denial of service (web service outage) vi...

    Affected Products : e9000_chassis
    • EPSS Score: 0.17%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2016-6876

    The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6....

    • EPSS Score: 0.89%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 6.1

    MEDIUM
    CVE-2016-6839

    CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

    Affected Products : fusionaccess
    • EPSS Score: 0.15%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2016-6838

    Huawei X6800 and XH620 V3 servers with software before V100R003C00SPC606, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, CH140 V3 and CH226 V3 servers with software before V100R001C00SPC...

    • EPSS Score: 0.12%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 9.8

    CRITICAL
    CVE-2016-6825

    Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, and RH2288H V3 servers with software before V100R00...

    • EPSS Score: 0.37%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 5.3

    MEDIUM
    CVE-2016-6670

    Huawei S7700, S9300, S9700, and S12700 devices with software before V200R008C00SPC500 use random numbers with insufficient entropy to generate self-signed certificates, which makes it easier for remote attackers to discover private keys by leveraging know...

    • EPSS Score: 0.14%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 7.8

    HIGH
    CVE-2016-6318

    Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.

    Affected Products : debian_linux leap cracklib
    • EPSS Score: 3.52%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2016-6317

    Action Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions ...

    Affected Products : rails activerecord
    • EPSS Score: 0.38%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 6.1

    MEDIUM
    CVE-2016-6316

    Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as "HTML safe" and used as attri...

    Affected Products : debian_linux rails ruby_on_rails
    • EPSS Score: 2.19%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 7.0

    HIGH
    CVE-2016-6184

    The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges ...

    Affected Products : honor_4c_firmware honor_4c
    • EPSS Score: 0.05%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 7.0

    HIGH
    CVE-2016-6183

    The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges ...

    Affected Products : honor_4c_firmware honor_4c
    • EPSS Score: 0.05%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025
  • 9.3

    HIGH
    CVE-2016-6182

    The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges ...

    Affected Products : honor_4c_firmware honor_4c
    • EPSS Score: 0.10%
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025