Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2016-5721

    Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : zimbra_collaboration_server
    • EPSS Score: %0.41
    • Published: Aug. 29, 2016
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2015-5399

    Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows remote authenticated users to inject arbitrary web script or HTML via a comment.... Read more

    Affected Products : phpvibe
    • EPSS Score: %0.13
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-5683

    ReadyDesk 9.1 allows local users to determine cleartext SQL Server credentials by reading the SQL_Config.aspx file and decrypting data with a hardcoded key in the ReadyDesk.dll file.... Read more

    Affected Products : readydesk
    • EPSS Score: %0.08
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2016-5664

    Directory traversal vulnerability on Accellion Kiteworks appliances before kw2016.03.00 allows remote attackers to read files via a crafted URI.... Read more

    Affected Products : kiteworks kiteworks_appliance
    • EPSS Score: %0.48
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-5663

    Multiple cross-site scripting (XSS) vulnerabilities in oauth_callback.php on Accellion Kiteworks appliances before kw2016.03.00 allow remote attackers to inject arbitrary web script or HTML via the (1) code, (2) error, or (3) error_description parameter.... Read more

    Affected Products : kiteworks kiteworks_appliance
    • EPSS Score: %0.30
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-5662

    Accellion Kiteworks appliances before kw2016.03.00 use setuid-root permissions for /opt/bin/cli, which allows local users to gain privileges via unspecified vectors.... Read more

    Affected Products : kiteworks kiteworks_appliance
    • EPSS Score: %0.03
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-5050

    Unrestricted file upload vulnerability in chat/sendfile.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary code by uploading and requesting a .aspx file.... Read more

    Affected Products : readydesk
    • EPSS Score: %3.43
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-5049

    Directory traversal vulnerability in chat/openattach.aspx in ReadyDesk 9.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the SESID parameter in conjunction with a filename in the FNAME parameter.... Read more

    Affected Products : readydesk
    • EPSS Score: %0.79
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-5048

    SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary SQL commands via the user name field.... Read more

    Affected Products : readydesk
    • EPSS Score: %1.00
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-4378

    The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced... Read more

    • EPSS Score: %0.79
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4270

    Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %5.72
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4269

    Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %5.72
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4268

    Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %5.72
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4267

    Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %2.11
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4266

    Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %5.72
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4265

    Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %5.72
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4119

    Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %5.68
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-5383

    The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters."... Read more

    • EPSS Score: %1.45
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-5023

    Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management ... Read more

    • EPSS Score: %2.10
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025

  • 4.9

    MEDIUM
    CVE-2016-1497

    The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (A... Read more

    • EPSS Score: %0.30
    • Published: Aug. 26, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291541 Results