Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.8

HIGH

CVE-2016-3161

For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enab...

Affected Products : geforce_experience geforce_gt_710 geforce_gt_730 geforce_gtx_1050 geforce_gtx_1060 geforce_gtx_1070 geforce_gtx_1080 quadro_m1000m quadro_m2000 quadro_m2000m +30 more products
Published: Nov. 08, 2016

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2016-7865

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution....

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products
Published: Nov. 08, 2016

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2016-7864

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution....

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products
Published: Nov. 08, 2016

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2016-7863

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution....

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player mac_os_x +3 more products
Published: Nov. 08, 2016

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2016-7862

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution....

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products
Published: Nov. 08, 2016

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2016-7861

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution....

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products
Published: Nov. 08, 2016

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2016-7860

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution....

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products
Published: Nov. 08, 2016

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2016-7859

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution....

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products
Published: Nov. 08, 2016

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2016-7858

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution....

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products
Published: Nov. 08, 2016

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2016-7857

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution....

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products
Published: Nov. 08, 2016

Modified: Apr. 12, 2025
6.1

MEDIUM

CVE-2016-7851

Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. This vulnerability could be exploited in cross-site scripting attacks....

Affected Products : connect
Published: Nov. 08, 2016

Modified: Apr. 12, 2025
8.8

HIGH

CVE-2016-9242

Multiple SQL injection vulnerabilities in the update method in framework/modules/core/controllers/expRatingController.php in Exponent CMS 2.4.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) content_type or (2) subtype para...

Affected Products : exponent_cms
Published: Nov. 07, 2016

Modified: Apr. 12, 2025
6.8

MEDIUM

CVE-2016-9111

Incorrect access control mechanisms in Citrix Receiver Desktop Lock 4.5 allow an attacker to bypass the authentication requirement by leveraging physical access to a VDI for temporary disconnection of a LAN cable. NOTE: as of 20161208, the vendor could no...

Affected Products : receiver_desktop
Published: Nov. 07, 2016

Modified: Apr. 12, 2025
6.0

MEDIUM

CVE-2016-8910

The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count....

Affected Products : enterprise_linux debian_linux leap openstack qemu virtualization
Published: Nov. 04, 2016

Modified: Apr. 12, 2025
6.0

MEDIUM

CVE-2016-8909

The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position....

Affected Products : enterprise_linux debian_linux leap openstack qemu virtualization
Published: Nov. 04, 2016

Modified: Apr. 12, 2025
8.1

HIGH

CVE-2016-8870

The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create user accounts by leveraging failure to check the Allow U...

Affected Products : joomla\!
Published: Nov. 04, 2016

Modified: Apr. 12, 2025
9.8

CRITICAL

CVE-2016-8869

The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site....

Affected Products : joomla\!
Published: Nov. 04, 2016

Modified: Apr. 12, 2025
6.0

MEDIUM

CVE-2016-8669

The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than ba...

Affected Products : enterprise_linux debian_linux leap openstack qemu virtualization
Published: Nov. 04, 2016

Modified: Apr. 12, 2025
6.0

MEDIUM

CVE-2016-8668

The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging failure to limit DMA buffer size....

Affected Products : leap qemu
Published: Nov. 04, 2016

Modified: Apr. 12, 2025
6.0

MEDIUM

CVE-2016-8667

The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value....

Affected Products : debian_linux leap qemu
Published: Nov. 04, 2016

Modified: Apr. 12, 2025

Showing 20 of 292812 Results

Browse by Apps

Latest CVE Feed

7.8

9.3

9.3

9.3

9.3

9.3

9.3

9.3

9.3

9.3

6.1

8.8

6.8

6.0

6.0

8.1

9.8

6.0

6.0

6.0

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable