Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2016-1451

    Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID C... Read more

    Affected Products : meeting_server
    • EPSS Score: %0.25
    • Published: Jul. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-1450

    Cisco WebEx Meetings Server 2.6 allows remote authenticated users to conduct command-injection attacks via vectors related to an upload's file type, aka Bug ID CSCuy92715.... Read more

    Affected Products : webex_meetings_server
    • EPSS Score: %0.71
    • Published: Jul. 15, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1449

    Cross-site scripting (XSS) vulnerability in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy92711.... Read more

    Affected Products : webex_meetings_server
    • EPSS Score: %0.30
    • Published: Jul. 15, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1447

    Cross-site scripting (XSS) vulnerability in the administrator interface in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuy83194.... Read more

    Affected Products : webex_meetings_server
    • EPSS Score: %0.45
    • Published: Jul. 15, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-1446

    SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuy83200.... Read more

    Affected Products : webex_meetings_server
    • EPSS Score: %0.69
    • Published: Jul. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-1426

    Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service (timer consumption and Route Processor reload) via crafted SSH traffic, aka Bug ID CSCux76819.... Read more

    • EPSS Score: %0.74
    • Published: Jul. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-5821

    Huawei HiSuite before 4.0.4.204_ove (Out of China) and before 4.0.4.301 (China) use a weak ACL (FILE_WRITE_DATA for BUILTIN\Users) for the HiSuite service directory, which allows local users to gain SYSTEM privileges via a Trojan horse (1) SspiCli.dll or ... Read more

    Affected Products : hisuite
    • EPSS Score: %0.06
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2016-5109

    Citrix Worx Home for iOS before 10.3.6 and XenMobile MDX Toolkit for iOS before 10.3.6 might allow physically proximate attackers to bypass in-application Apple Touch ID authentication via unspecified vectors, related to an application requiring re-authen... Read more

    Affected Products : xenmobile_mdx_toolkit worx_home
    • EPSS Score: %0.06
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 4.9

    MEDIUM
    CVE-2016-5092

    Directory traversal vulnerability in Fortinet FortiWeb before 5.5.3 allows remote authenticated administrators with read and write privileges to read arbitrary files by leveraging the autolearn feature.... Read more

    Affected Products : fortiweb
    • EPSS Score: %0.31
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-5008

    libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server.... Read more

    Affected Products : debian_linux libvirt
    • EPSS Score: %2.53
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-4974

    Apache Qpid AMQP 0-x JMS client before 6.0.4 and JMS (AMQP 1.0) before 0.10.0 does not restrict the use of classes available on the classpath, which might allow remote authenticated users with permission to send messages to deserialize arbitrary objects a... Read more

    Affected Products : amqp_0-x_jms_client jms_client_amqp
    • EPSS Score: %2.57
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-4066

    Cross-site request forgery (CSRF) vulnerability in Fortinet FortiWeb before 5.5.3 allows remote attackers to hijack the authentication of administrators for requests that change the password via unspecified vectors.... Read more

    Affected Products : fortiweb
    • EPSS Score: %0.18
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 8.4

    HIGH
    CVE-2016-3100

    kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file.... Read more

    Affected Products : leap opensuse kde_frameworks
    • EPSS Score: %0.07
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-8808

    The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.... Read more

    • EPSS Score: %0.53
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-4255

    Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary ... Read more

    • EPSS Score: %2.08
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4254

    Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %2.25
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4252

    Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %2.25
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4251

    Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %2.11
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4250

    Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • EPSS Score: %5.72
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-4249

    Heap-based buffer overflow in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors.... Read more

    • EPSS Score: %4.68
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291293 Results