Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2016-1429

    Directory traversal vulnerability in the web interface on Cisco RV180 and RV180W devices allows remote attackers to read arbitrary files via a crafted HTTP request, aka Bug ID CSCuz43023.... Read more

    • EPSS Score: %0.96
    • Published: Aug. 08, 2016
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2015-6397

    Cisco RV110W, RV130W, and RV215W devices have an incorrect RBAC configuration for the default account, which allows remote authenticated users to obtain root access via a login session with that account, aka Bug IDs CSCuv90139, CSCux58175, and CSCux73557.... Read more

    • EPSS Score: %1.19
    • Published: Aug. 08, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-6396

    The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux58161, and CSCux73567.... Read more

    • EPSS Score: %2.37
    • Published: Aug. 08, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-6515

    The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.... Read more

    Affected Products : fedora openssh
    • EPSS Score: %82.90
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-5340

    The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass int... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %0.02
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-2065

    sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (o... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.28
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-2064

    sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (b... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.24
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-2063

    Stack-based buffer overflow in the supply_lm_input_write function in drivers/thermal/supply_lm_core.c in the MSM Thermal driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.13
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-3854

    packages/SystemUI/src/com/android/systemui/power/PowerNotificationWarnings.java in Android 5.x allows attackers to bypass a DEVICE_POWER permission requirement via a broadcast intent with the PNW.stopSaver action, aka internal bug 20918350.... Read more

    Affected Products : android
    • EPSS Score: %0.12
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2015-0573

    drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (invalid pointer de... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.30
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-0568

    Use-after-free vulnerability in the msm_set_crop function in drivers/media/video/msm/msm_camera.c in the MSM-Camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, all... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.46
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2014-9410

    The vfe31_proc_general function in drivers/media/video/msm/vfe/msm_vfe31.c in the MSM-VFE31 driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate a certain... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.25
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-5146

    Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.... Read more

    Affected Products : chrome
    • EPSS Score: %0.56
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-5145

    Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image, which allows remote attackers to bypass the Same Origin ... Read more

    Affected Products : chrome
    • EPSS Score: %1.44
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-5144

    The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restr... Read more

    Affected Products : chrome
    • EPSS Score: %0.97
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-5143

    The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restr... Read more

    Affected Products : chrome
    • EPSS Score: %1.27
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-5142

    The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified ... Read more

    Affected Products : chrome
    • EPSS Score: %1.91
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-5141

    Blink, as used in Google Chrome before 52.0.2743.116, allows remote attackers to spoof the address bar via vectors involving a provisional URL for an initially empty document, related to FrameLoader.cpp and ScopedPageLoadDeferrer.cpp.... Read more

    Affected Products : chrome
    • EPSS Score: %1.04
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-5140

    Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JPE... Read more

    Affected Products : chrome
    • EPSS Score: %2.38
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025

  • 7.6

    HIGH
    CVE-2016-5139

    Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other... Read more

    Affected Products : chrome
    • EPSS Score: %1.43
    • Published: Aug. 07, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291398 Results