Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2016-0640

    Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors relate... Read more

    • EPSS Score: %0.25
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0639

    Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication.... Read more

    Affected Products : enterprise_linux mysql
    • EPSS Score: %17.04
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-0638

    Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Messaging Service.... Read more

    Affected Products : weblogic_server
    • EPSS Score: %65.67
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 4.7

    MEDIUM
    CVE-2016-0623

    Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect integrity via vectors related to the Automated Installer sub-component.... Read more

    Affected Products : solaris
    • EPSS Score: %0.23
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-0479

    Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality and integrity via vectors related to Analytics ... Read more

    • EPSS Score: %0.19
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-0469

    Unspecified vulnerability in the Oracle Retail MICROS C2 component in Oracle Retail Applications 9.89.0.0 allows local users to affect confidentiality via vectors related to POS.... Read more

    Affected Products : micros_c2
    • EPSS Score: %0.06
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2016-0468

    Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to ... Read more

    • EPSS Score: %0.13
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2016-0408

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 through 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to the Activity Guide sub-component.... Read more

    Affected Products : peoplesoft_enterprise_peopletools
    • EPSS Score: %0.18
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-0407

    Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via vectors related to Fusion HR Talent Integration.... Read more

    • EPSS Score: %0.18
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6479

    ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the filteredlogs.txt file, and consequently discover potentially sensitive boot-sequence information, via unspeci... Read more

    Affected Products : aleos es440 es450 gx400 gx440 gx450 ls300
    • EPSS Score: %0.02
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-6360

    The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.... Read more

    • EPSS Score: %17.94
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-2202

    The Inventory Solution component in the Management Agent in the client in Symantec Altiris IT Management Suite (ITMS) through 7.6 HF7 allows local users to bypass intended application-blacklist restrictions via unspecified vectors.... Read more

    Affected Products : altiris_it_management_suite
    • EPSS Score: %0.06
    • Published: Apr. 20, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-2003

    HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x and 8.x before 8.4.0-00 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collectio... Read more

    • EPSS Score: %1.05
    • Published: Apr. 20, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2002

    The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary commands via the mcPort parameter, aka ZDI-CAN-3417.... Read more

    Affected Products : vertica
    • EPSS Score: %9.45
    • Published: Apr. 20, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-1384

    The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remote attackers to modify the system time via crafted packets, aka Bug ID CSCux46898.... Read more

    Affected Products : ios_xe ios
    • EPSS Score: %0.16
    • Published: Apr. 20, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-0891

    Multiple cross-site request forgery (CSRF) vulnerabilities in administrative pages in EMC ViPR SRM before 3.7 allow remote attackers to hijack the authentication of administrators.... Read more

    Affected Products : vipr_srm
    • EPSS Score: %3.09
    • Published: Apr. 20, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2015-8842

    tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions for /var/log/journal/%m/system.journal, which allows local users to obtain sensitive information by reading the file.... Read more

    Affected Products : opensuse
    • EPSS Score: %0.07
    • Published: Apr. 20, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-7802

    gifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service (uninitialized memory read) via a crafted GIF file.... Read more

    Affected Products : ubuntu_linux optipng
    • EPSS Score: %0.42
    • Published: Apr. 20, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-7801

    Use-after-free vulnerability in OptiPNG 0.6.4 allows remote attackers to execute arbitrary code via a crafted PNG file.... Read more

    Affected Products : ubuntu_linux optipng
    • EPSS Score: %2.39
    • Published: Apr. 20, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2014-9770

    tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.... Read more

    Affected Products : opensuse
    • EPSS Score: %0.10
    • Published: Apr. 20, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292118 Results