Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 6.1

    MEDIUM
    CVE-2016-5834

    Cross-site scripting (XSS) vulnerability in the wp_get_attachment_link function in wp-includes/post-template.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerabil...

    Affected Products: wordpress
    • EPSS Score: 0.82%
    • Published: Jun. 29, 2016
    • Modified: Apr. 12, 2025
  • 6.1

    MEDIUM
    CVE-2016-5833

    Cross-site scripting (XSS) vulnerability in the column_title function in wp-admin/includes/class-wp-media-list-table.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vu...

    Affected Products: wordpress
    • EPSS Score: 0.82%
    • Published: Jun. 29, 2016
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2016-5832

    The customizer in WordPress before 4.5.3 allows remote attackers to bypass intended redirection restrictions via unspecified vectors.

    Affected Products: wordpress
    • EPSS Score: 1.59%
    • Published: Jun. 29, 2016
    • Modified: Apr. 12, 2025
  • 9.3

    HIGH
    CVE-2016-5101

    Unspecified vulnerability in Opera Mail before 2016-02-16 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted e-mail message.

    Affected Products: windows opera_mail
    • EPSS Score: 1.06%
    • Published: Jun. 29, 2016
    • Modified: Apr. 12, 2025
  • 5.5

    MEDIUM
    CVE-2016-1237

    nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, and nfs4acl.c.

    Affected Products: linux_kernel
    • EPSS Score: 0.02%
    • Published: Jun. 29, 2016
    • Modified: Apr. 12, 2025
  • 7.8

    HIGH
    CVE-2012-6703

    Integer overflow in the snd_compr_allocate_buffer function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial of service (insufficient memory allocation) or possibly...

    Affected Products: linux_kernel
    • EPSS Score: 0.08%
    • Published: Jun. 29, 2016
    • Modified: Apr. 12, 2025
  • 8.1

    HIGH
    CVE-2016-0304

    The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and possibly execute arbitrary code via u...

    Affected Products: domino
    • EPSS Score: 1.11%
    • Published: Jun. 29, 2016
    • Modified: Apr. 12, 2025
  • 6.5

    MEDIUM
    CVE-2016-0298

    Directory traversal vulnerability in IBM Security Guardium Database Activity Monitor 10 before 10.0p100 allows remote authenticated users to read arbitrary files via a crafted URL.

    • EPSS Score: 0.36%
    • Published: Jun. 29, 2016
    • Modified: Apr. 12, 2025
  • 7.7

    HIGH
    CVE-2016-0267

    IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 allows remote authenticated users to obtain sensitive cleartext secure-property information via (1) the server UI or (2) a database request.

    Affected Products: urbancode_deploy
    • EPSS Score: 0.20%
    • Published: Jun. 29, 2016
    • Modified: Apr. 12, 2025
  • 7.2

    HIGH
    CVE-2016-0263

    IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command.

    • EPSS Score: 0.04%
    • Published: Jun. 29, 2016
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2016-0260

    Memory leak in queue-manager agents in IBM WebSphere MQ 8.x before 8.0.0.5 allows remote attackers to cause a denial of service (heap memory consumption) by triggering many errors.

    Affected Products: websphere_mq
    • EPSS Score: 0.66%
    • Published: Jun. 29, 2016
    • Modified: Apr. 12, 2025
  • 6.1

    MEDIUM
    CVE-2015-8699

    Multiple cross-site scripting (XSS) vulnerabilities in CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allow remote attackers to inject arbitrary...

    • EPSS Score: 0.38%
    • Published: Jun. 29, 2016
    • Modified: Apr. 12, 2025
  • 7.1

    HIGH
    CVE-2015-8698

    CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allows remote attackers to read arbitrary files or cause a denial of service via a request contai...

    • EPSS Score: 0.26%
    • Published: Jun. 29, 2016
    • Modified: Apr. 12, 2025
  • 8.8

    HIGH
    CVE-2016-0233

    SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

    Affected Products: marketing_platform
    • EPSS Score: 0.48%
    • Published: Jun. 28, 2016
    • Modified: Apr. 12, 2025
  • 6.1

    MEDIUM
    CVE-2016-0229

    Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 8.6.x and 9.x before 9.1.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

    Affected Products: marketing_platform
    • EPSS Score: 0.22%
    • Published: Jun. 28, 2016
    • Modified: Apr. 12, 2025
  • 9.8

    CRITICAL
    CVE-2016-0224

    SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

    Affected Products: marketing_platform
    • EPSS Score: 0.52%
    • Published: Jun. 28, 2016
    • Modified: Apr. 12, 2025
  • 7.8

    HIGH
    CVE-2016-5829

    Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAG...

    • EPSS Score: 0.05%
    • Published: Jun. 27, 2016
    • Modified: Apr. 12, 2025
  • 7.8

    HIGH
    CVE-2016-5828

    The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and s...

    • EPSS Score: 0.11%
    • Published: Jun. 27, 2016
    • Modified: Apr. 12, 2025
  • 6.3

    MEDIUM
    CVE-2016-5728

    Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (memory corruption and ...

    Affected Products: linux_kernel debian_linux
    • EPSS Score: 0.01%
    • Published: Jun. 27, 2016
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2016-5244

    The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.

    • EPSS Score: 0.64%
    • Published: Jun. 27, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291255 Results