Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2016-2285

    Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_... Read more

    • Published: May. 31, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-0879

    Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL.... Read more

    Affected Products : edr-g903_firmware edr-g903
    • Published: May. 31, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-0878

    Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by sending two crafted ping requests.... Read more

    Affected Products : edr-g903_firmware edr-g903
    • Published: May. 31, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-0877

    Memory leak on Moxa Secure Router EDR-G903 devices before 3.4.12 allows remote attackers to cause a denial of service (memory consumption) by executing the ping function.... Read more

    Affected Products : edr-g903_firmware edr-g903
    • Published: May. 31, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-0876

    Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file.... Read more

    Affected Products : edr-g903_firmware edr-g903
    • Published: May. 31, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-0875

    Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL.... Read more

    Affected Products : edr-g903_firmware edr-g903
    • Published: May. 31, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-4118

    Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors.... Read more

    Affected Products : connect windows
    • Published: May. 30, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-2311

    Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ServSensor Junior with firmware before SP473, AlertWerks ServSensor Junior with PoE with firmware before SP473, and AlertWerks ServSensor Contact with firmware before SP473 allow remot... Read more

    • Published: May. 30, 2016
    • Modified: Apr. 12, 2025

  • 8.0

    HIGH
    CVE-2016-2309

    iRZ RUH2 before 2b does not validate firmware patches, which allows remote authenticated users to modify data or cause a denial of service via unspecified vectors.... Read more

    Affected Products : ruh2
    • Published: May. 30, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-2025

    HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Catalog, and Mobility components.... Read more

    Affected Products : service_manager
    • Published: May. 30, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-2023

    HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : restful_interface_tool
    • Published: May. 30, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1999

    The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.... Read more

    Affected Products : release_control
    • Published: May. 30, 2016
    • Modified: Apr. 12, 2025

  • 5.9

    MEDIUM
    CVE-2016-0907

    EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before 8.0.0.1, and IsilonSD Edge OneFS 8.0.x before 8.0.0.1, does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by mo... Read more

    Affected Products : isilon_onefs isilonsd_edge_onefs
    • Published: May. 30, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-1409

    The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug... Read more

    Affected Products : ios_xe ios nx-os ios_xr
    • Published: May. 29, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-1404

    Cisco UCS Invicta 4.3, 4.5, and 5.0.1 on Invicta appliances and Invicta Scaling System uses the same hardcoded GnuPG encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by s... Read more

    Affected Products : ucs_invicta_c3124sa_appliance
    • Published: May. 29, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-1413

    The web interface in Cisco Firepower Management Center 5.4.0 through 6.0.0.1 allows remote authenticated users to modify pages by placing crafted code in a parameter value, aka Bug ID CSCuy76517.... Read more

    • Published: May. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-1410

    Cisco WebEx Meeting Center Original Release Base allows remote attackers to obtain sensitive information about username validity by (1) attending or (2) hosting a meeting, aka Bug ID CSCux84312.... Read more

    Affected Products : webex_meeting_center
    • Published: May. 28, 2016
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2016-1379

    Cisco Adaptive Security Appliance (ASA) Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted (1) LAN-to-LAN or (2) Remote Access VPN tunnel pack... Read more

    • Published: May. 28, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3681

    Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain priv... Read more

    Affected Products : mate_8_firmware mate_8
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3680

    Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain priv... Read more

    Affected Products : mate_8_firmware mate_8
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292803 Results