Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.6

    HIGH
    CVE-2016-3241

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • EPSS Score: %16.93
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.6

    HIGH
    CVE-2016-3240

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • EPSS Score: %26.20
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-3239

    The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via vectors invol... Read more

    • EPSS Score: %0.81
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3238

    The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows man-in-the-middle attackers to execute arbitrary... Read more

    • EPSS Score: %16.05
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3204

    The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web sit... Read more

    Affected Products : internet_explorer
    • EPSS Score: %22.61
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 8.1

    HIGH
    CVE-2016-6174

    applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arb... Read more

    Affected Products : php invision_power_board
    • EPSS Score: %23.48
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2016-5850

    Cross-site scripting (XSS) vulnerability in the volume backup service module in Huawei Public Cloud Solution before 1.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : public_cloud_solution
    • EPSS Score: %0.09
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025

  • 8.1

    HIGH
    CVE-2016-5774

    The HTTPS server in Blue Coat PacketShaper S-Series 11.5.x before 11.5.3.2 might allow remote attackers to obtain sensitive credentials and other information via unspecified vectors, related to use of insecure cryptographic parameters.... Read more

    Affected Products : packetshaper_s-series
    • EPSS Score: %0.40
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-5009

    The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix.... Read more

    • EPSS Score: %1.36
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-4994

    Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file.... Read more

    Affected Products : gimp
    • EPSS Score: %0.64
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-4985

    The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a network card belonging to that ... Read more

    Affected Products : openstack openstack_ironic
    • EPSS Score: %0.79
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2016-4428

    Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form.... Read more

    • EPSS Score: %0.55
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2016-2219

    Cross-site scripting (XSS) vulnerability in the management interface in Palo Alto Networks PAN-OS 7.x before 7.0.8 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : pan-os
    • EPSS Score: %0.13
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-3192

    Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) via a c... Read more

    • EPSS Score: %1.23
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-5781

    Stack-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file.... Read more

    Affected Products : levistudio
    • EPSS Score: %1.49
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025

  • 7.1

    HIGH
    CVE-2016-5308

    The Client Intrusion Detection System (CIDS) driver before 15.0.6 in Symantec Endpoint Protection (SEP) and before 15.1.2 in Norton Security allows remote attackers to cause a denial of service (memory corruption and system crash) via a malformed Portable... Read more

    • EPSS Score: %1.63
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-4831

    Untrusted search path vulnerability in LINE and LINE Installer 4.7.0 and earlier on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : line line_installer
    • EPSS Score: %0.06
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-4533

    Heap-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file.... Read more

    Affected Products : levistudiou levistudio
    • EPSS Score: %1.02
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-4503

    Moxa Device Server Web Console 5232-N allows remote attackers to bypass authentication, and consequently modify settings and data, via vectors related to reading a cookie parameter containing a UserId value.... Read more

    • EPSS Score: %1.81
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025

  • 5.7

    MEDIUM
    CVE-2016-2206

    The management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 allows remote authenticated users to read arbitrar... Read more

    • EPSS Score: %0.53
    • Published: Jul. 12, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291221 Results