Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.6

    MEDIUM
    CVE-2016-4811

    The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.15.1 and earlier for Android and 1.13.0 and earlier for iOS allows man-in-the-middle attackers to obtain API access via unspecified vectors.... Read more

    Affected Products : japan_connected-free_wi-fi
    • EPSS Score: %0.44
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-4530

    OSIsoft PI SQL Data Access Server (aka OLE DB) 2016 1.5 allows remote authenticated users to cause a denial of service (service outage and data loss) via a message.... Read more

    Affected Products : pi_sql_data_access_server_2016
    • EPSS Score: %0.56
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-4518

    OSIsoft PI AF Server before 2016 2.8.0 allows remote authenticated users to cause a denial of service (service outage) via a message.... Read more

    Affected Products : pi_af_server_2016
    • EPSS Score: %0.41
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 7.7

    HIGH
    CVE-2016-4514

    Moxa PT-7728 devices with software 3.4 build 15081113 allow remote authenticated users to change the configuration via vectors involving a local proxy.... Read more

    Affected Products : pt-7728 pt-7728_firmware
    • EPSS Score: %0.26
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2016-1864

    The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attackers to obtain sensitive information via a crafted URL.... Read more

    Affected Products : iphone_os safari
    • EPSS Score: %0.55
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2016-1862

    Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1860.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.17
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-1861

    The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1846.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %1.87
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2016-1860

    Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1862.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.17
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2016-1196

    Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive Address Book information via an API call, a different vulnerability than CVE-2015-7776.... Read more

    Affected Products : garoon
    • EPSS Score: %0.18
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2016-1192

    Directory traversal vulnerability in the logging implementation in Cybozu Garoon 3.7 through 4.2 allows remote authenticated users to read a log file via unspecified vectors.... Read more

    Affected Products : garoon
    • EPSS Score: %0.30
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-1191

    Directory traversal vulnerability in the Files function in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to modify settings via unspecified vectors.... Read more

    Affected Products : garoon
    • EPSS Score: %0.60
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-0912

    EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote authenticated users to bypass intended password-change restrictions by leveraging access to (1) a different account with the same role as a target account or (2) an account's session at an un... Read more

    Affected Products : data_domain_os emc_data_domain_os
    • EPSS Score: %1.12
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 8.2

    HIGH
    CVE-2016-0911

    EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 has a default no_root_squash option for NFS exports, which makes it easier for remote attackers to obtain filesystem access by leveraging client root privileges.... Read more

    Affected Products : data_domain_os emc_data_domain_os
    • EPSS Score: %0.35
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 8.4

    HIGH
    CVE-2016-0392

    IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a c... Read more

    • EPSS Score: %0.06
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-7776

    Cybozu Garoon 3.x and 4.x before 4.2.0 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, a different vulnerability than CVE-2016-1196.... Read more

    Affected Products : garoon
    • EPSS Score: %0.56
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 4.4

    MEDIUM
    CVE-2015-7462

    IBM WebSphere MQ 8.0.0.4 on IBM i platforms allows local users to discover cleartext certificate-keystore passwords within MQ trace output by leveraging administrator privileges to execute the mqcertck program.... Read more

    Affected Products : websphere_mq
    • EPSS Score: %0.03
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1226

    Cross-site scripting (XSS) vulnerability in Trend Micro Internet Security 8 and 10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : internet_security
    • EPSS Score: %0.37
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-1225

    Trend Micro Internet Security 8 and 10 allows remote attackers to read arbitrary files via unspecified vectors.... Read more

    Affected Products : internet_security
    • EPSS Score: %0.75
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1197

    Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7775.... Read more

    Affected Products : garoon
    • EPSS Score: %0.32
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 7.4

    HIGH
    CVE-2016-1195

    Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.... Read more

    Affected Products : garoon
    • EPSS Score: %0.27
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291358 Results