Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2016-1000128

    Reflected XSS in wordpress plugin anti-plagiarism v3.60... Read more

    Affected Products : anti-plagiarism
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000127

    Reflected XSS in wordpress plugin ajax-random-post v2.00... Read more

    Affected Products : ajax-random-post
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1000126

    Reflected XSS in wordpress plugin admin-font-editor v1.8... Read more

    Affected Products : admin-font-editor
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-8101

    The updater subsystem in Intel SSD Toolbox before 3.3.7 allows local users to gain privileges via unspecified vectors.... Read more

    Affected Products : solid-state_drive_toolbox
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-8100

    Intel Integrated Performance Primitives (aka IPP) Cryptography before 9.0.4 makes it easier for local users to discover RSA private keys via a side-channel attack.... Read more

    Affected Products : integrated_performance_primitives
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 4.4

    MEDIUM
    CVE-2016-7423

    The mptsas_process_scsi_io_request function in QEMU (aka Quick Emulator), when built with LSI SAS1068 Host Bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors in... Read more

    Affected Products : qemu
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.9

    MEDIUM
    CVE-2016-7099

    The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certificates, which allows man-in-the-middle attackers to spoof... Read more

    Affected Products : node.js linux_enterprise
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-5325

    CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitt... Read more

    Affected Products : node.js linux_enterprise
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-7117

    Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.... Read more

    Affected Products : linux_kernel ubuntu_linux debian_linux
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-6696

    sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a large negative value for the data length, aka Qualcomm inter... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-6695

    sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted visualizer data length, aka Qualcomm internal bug CR... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-6694

    sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via crafted parameter data, aka Qualcomm internal bug CR 1033525.... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-6693

    sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via an invalid data length, aka Qualcomm internal bug CR 1027585.... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-6692

    drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug C... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-6691

    service/jni/com_android_server_wifi_Gbk2Utf.cpp in the Qualcomm Wi-Fi gbk2utf module in Android before 2016-10-05 allows remote attackers to cause a denial of service (framework crash) or possibly have unspecified other impact via an access point that has... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 7.1

    HIGH
    CVE-2016-6690

    The sound driver in the kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Nexus Player devices allows attackers to cause a denial of service (reboot) via a crafted application, aka internal bug 28838221.... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-6689

    Binder in the kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30768347.... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-6688

    The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30593080.... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-6687

    The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30162222.... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-6686

    The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30163101.... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 293350 Results