Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.8

HIGH

CVE-2016-4913

The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unsp...

Affected Products : linux_kernel ubuntu_linux linux suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_debuginfo
Published: May. 23, 2016

Modified: Apr. 12, 2025
7.8

HIGH

CVE-2016-4805

Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a networ...

Affected Products : linux_kernel ubuntu_linux enterprise_linux linux suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_real_time_extension suse_linux_enterprise_workstation_extension suse_linux_enterprise_module_for_public_cloud +2 more products
Published: May. 23, 2016

Modified: Apr. 12, 2025
7.8

HIGH

CVE-2016-4794

Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service (BUG) or possibly have unspecified other impact via crafted use of the mmap and bpf system calls....

Affected Products : linux_kernel ubuntu_linux
Published: May. 23, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2016-4581

fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mo...

Affected Products : linux_kernel ubuntu_linux linux
Published: May. 23, 2016

Modified: Apr. 12, 2025
7.5

HIGH

CVE-2016-4580

The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Requ...

Affected Products : linux_kernel ubuntu_linux
Published: May. 23, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2016-4578

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_...

Affected Products : linux_kernel ubuntu_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation leap enterprise_linux_server_aus enterprise_linux_server_eus enterprise_linux_server_tus +1 more products
Published: May. 23, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2016-4569

The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer inte...

Affected Products : linux_kernel ubuntu_linux suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_real_time_extension suse_linux_enterprise_debuginfo suse_linux_enterprise_live_patching suse_linux_enterprise_module_for_public_cloud suse_linux_enterprise_workstation_extension
Published: May. 23, 2016

Modified: Apr. 12, 2025
7.8

HIGH

CVE-2016-4568

drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a crafted number of planes in a VIDIOC_DQBUF ioctl call...

Affected Products : linux_kernel
Published: May. 23, 2016

Modified: Apr. 12, 2025
7.8

HIGH

CVE-2016-4565

The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interfac...

Affected Products : linux_kernel ubuntu_linux debian_linux
Published: May. 23, 2016

Modified: Apr. 12, 2025
7.0

HIGH

CVE-2016-4558

The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted application on (1) a system with more than 32 Gb...

Affected Products : linux_kernel ubuntu_linux
Published: May. 23, 2016

Modified: Apr. 12, 2025
7.8

HIGH

CVE-2016-4557

The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF i...

Affected Products : linux_kernel
Published: May. 23, 2016

Modified: Apr. 12, 2025
3.3

LOW

CVE-2016-4486

The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message....

Affected Products : linux_kernel ubuntu_linux suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_real_time_extension suse_linux_enterprise_debuginfo suse_linux_enterprise_live_patching suse_linux_enterprise_module_for_public_cloud suse_linux_enterprise_workstation_extension
Published: May. 23, 2016

Modified: Apr. 12, 2025
7.5

HIGH

CVE-2016-4485

The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message....

Affected Products : linux_kernel ubuntu_linux suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_debuginfo
Published: May. 23, 2016

Modified: Apr. 12, 2025
6.2

MEDIUM

CVE-2016-4482

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO io...

Affected Products : linux_kernel ubuntu_linux fedora suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_real_time_extension suse_linux_enterprise_debuginfo suse_linux_enterprise_live_patching suse_linux_enterprise_module_for_public_cloud +1 more products
Published: May. 23, 2016

Modified: Apr. 12, 2025
5.3

MEDIUM

CVE-2016-2190

Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log....

Affected Products : moodle
Published: May. 22, 2016

Modified: Apr. 12, 2025
4.3

MEDIUM

CVE-2016-2159

The save_submission function in mod/assign/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allows remote authenticated users to bypass intended due-date restrictions by leverag...

Affected Products : moodle
Published: May. 22, 2016

Modified: Apr. 12, 2025
4.3

MEDIUM

CVE-2016-2158

lib/ajax/getnavbranch.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3, when the forcelogin feature is enabled, allows remote attackers to obtain sensitive category-detail information from ...

Affected Products : moodle
Published: May. 22, 2016

Modified: Apr. 12, 2025
8.8

HIGH

CVE-2016-2157

Cross-site request forgery (CSRF) vulnerability in mod/assign/adminmanageplugins.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allows remote attackers to hijack the authentication of adm...

Affected Products : moodle
Published: May. 22, 2016

Modified: Apr. 12, 2025
4.3

MEDIUM

CVE-2016-2156

calendar/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 provides calendar-event data without considering whether an activity is hidden, which allows remote authenticated users...

Affected Products : moodle
Published: May. 22, 2016

Modified: Apr. 12, 2025
4.3

MEDIUM

CVE-2016-2155

The grade-reporting feature in Singleview (aka Single View) in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/grade:manage capability, which allows remote authenticated users to modify "Exclude grade" s...

Affected Products : moodle
Published: May. 22, 2016

Modified: Apr. 12, 2025

Showing 20 of 292803 Results

Browse by Apps

Latest CVE Feed

7.8

7.8

7.8

5.5

7.5

5.5

5.5

7.8

7.8

7.0

7.8

3.3

7.5

6.2

5.3

4.3

4.3

8.8

4.3

4.3

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable