Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.8

    CRITICAL
    CVE-2015-8871

    Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown vectors.

    Affected Products : openjpeg debian_linux
    • EPSS Score: 2.73%
    • Published: Sep. 21, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-6530

    Dentsply Sirona (formerly Schick) CDR Dicom 5 and earlier has default passwords for the sa and cdr accounts, which allows remote attackers to obtain administrative access by leveraging knowledge of these passwords.

    Affected Products : cdr_dicom
    • EPSS Score: 1.61%
    • Published: Sep. 21, 2016
    • Modified: Apr. 12, 2025
  • 9.0

    HIGH
    CVE-2016-4384

    HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors.

    Affected Products : performance_center loadrunner
    • EPSS Score: 3.54%
    • Published: Sep. 21, 2016
    • Modified: Apr. 12, 2025
  • 8.3

    HIGH
    CVE-2016-4382

    HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure" issue.

    Affected Products : performance_center
    • EPSS Score: 0.12%
    • Published: Sep. 21, 2016
    • Modified: Apr. 12, 2025
  • 5.4

    MEDIUM
    CVE-2016-0925

    Cross-site scripting (XSS) vulnerability in the Case Management application in EMC RSA Adaptive Authentication (On-Premise) before 6.0.2.1.SP3.P4 HF210, 7.0.x and 7.1.x before 7.1.0.0.SP0.P6 HF50, and 7.2.x before 7.2.0.0.SP0.P0 HF20 allows remote authent...

    • EPSS Score: 0.24%
    • Published: Sep. 21, 2016
    • Modified: Apr. 12, 2025
  • 6.9

    MEDIUM
    CVE-2016-0921

    Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use weak permissions for unspecified directories, which allows local users to obtain root access by replacing a script with a Trojan horse program.

    Affected Products : avamar_server
    • EPSS Score: 0.10%
    • Published: Sep. 21, 2016
    • Modified: Apr. 12, 2025
  • 7.8

    HIGH
    CVE-2016-0920

    Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration.

    Affected Products : avamar_server
    • EPSS Score: 0.13%
    • Published: Sep. 21, 2016
    • Modified: Apr. 12, 2025
  • 9.8

    CRITICAL
    CVE-2016-0917

    The SMB service in EMC VNXe (VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638), VNX1 File OE before 7.1.80.3, VNX2 File OE before 8.1.9.155, and Celerra (all supported versions) does n...

    • EPSS Score: 4.13%
    • Published: Sep. 21, 2016
    • Modified: Apr. 12, 2025
  • 7.2

    HIGH
    CVE-2016-0905

    Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command.

    Affected Products : avamar_server
    • EPSS Score: 0.14%
    • Published: Sep. 21, 2016
    • Modified: Apr. 12, 2025
  • 8.6

    HIGH
    CVE-2016-0904

    Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms and obtain se...

    Affected Products : avamar_server
    • EPSS Score: 0.31%
    • Published: Sep. 21, 2016
    • Modified: Apr. 12, 2025
  • 9.1

    CRITICAL
    CVE-2016-0903

    Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data via a modified client agent.

    Affected Products : avamar_server
    • EPSS Score: 0.63%
    • Published: Sep. 21, 2016
    • Modified: Apr. 12, 2025
  • 8.1

    HIGH
    CVE-2015-8960

    The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client sec...

    • EPSS Score: 0.36%
    • Published: Sep. 21, 2016
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2016-6802

    Apache Shiro before 1.3.2 allows attackers to bypass intended servlet filters and gain access by leveraging use of a non-root servlet context path.

    Affected Products : shiro
    • EPSS Score: 9.91%
    • Published: Sep. 20, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-6662

    Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local us...

    • EPSS Score: 88.48%
    • Published: Sep. 20, 2016
    • Modified: Apr. 12, 2025
  • 5.5

    MEDIUM
    CVE-2015-8934

    The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.

    • EPSS Score: 2.41%
    • Published: Sep. 20, 2016
    • Modified: Apr. 12, 2025
  • 5.5

    MEDIUM
    CVE-2015-8933

    Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.

    • EPSS Score: 0.31%
    • Published: Sep. 20, 2016
    • Modified: Apr. 12, 2025
  • 5.5

    MEDIUM
    CVE-2015-8932

    The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.

    • EPSS Score: 0.63%
    • Published: Sep. 20, 2016
    • Modified: Apr. 12, 2025
  • 7.8

    HIGH
    CVE-2015-8931

    Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined be...

    • EPSS Score: 0.30%
    • Published: Sep. 20, 2016
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2015-8930

    bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.

    • EPSS Score: 4.80%
    • Published: Sep. 20, 2016
    • Modified: Apr. 12, 2025
  • 5.5

    MEDIUM
    CVE-2015-8929

    Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.

    • EPSS Score: 0.27%
    • Published: Sep. 20, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291946 Results