Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2016-3993

    Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates.... Read more

    Affected Products : debian_linux imlib2
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-2860

    The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypass intended access restrictions and create arbitrary groups as administrators by leveraging mishandling of the creat... Read more

    Affected Products : debian_linux openafs
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-8312

    Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes.... Read more

    Affected Products : debian_linux openafs
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 5.9

    MEDIUM
    CVE-2015-8099

    F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, ... Read more

    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-9771

    Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation.... Read more

    Affected Products : debian_linux imlib2
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-9764

    imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file.... Read more

    Affected Products : debian_linux imlib2
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-9763

    imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file.... Read more

    Affected Products : debian_linux imlib2
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-9762

    imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap.... Read more

    Affected Products : debian_linux imlib2
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2011-5326

    imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse.... Read more

    Affected Products : debian_linux imlib2
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-2850

    Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors.... Read more

    Affected Products : fedora botan
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-2849

    Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack.... Read more

    Affected Products : fedora debian_linux botan
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2196

    Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (memory overwrite and crash) or execute arbitrary code via unspecified vectors.... Read more

    Affected Products : botan
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2195

    Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point, which triggers a heap-based buffer overflow.... Read more

    Affected Products : debian_linux botan
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-2194

    The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus.... Read more

    Affected Products : debian_linux botan
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2099

    Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document.... Read more

    Affected Products : opensuse xerces-c\+\+
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1580

    The setup_snappy_os_mounts function in the ubuntu-core-launcher package before 1.0.27.1 improperly determines the mount point of bind mounts when using snaps, which might allow remote attackers to obtain sensitive information or gain privileges via a snap... Read more

    Affected Products : ubuntu_linux ubuntu-core-launcher
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-1578

    Use-after-free vulnerability in Oxide allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to responding synchronously to permission requests.... Read more

    Affected Products : ubuntu_linux oxide
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-7827

    Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding.... Read more

    Affected Products : fedora debian_linux botan
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-5727

    The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field.... Read more

    Affected Products : debian_linux botan
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-5726

    The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data.... Read more

    Affected Products : debian_linux botan
    • Published: May. 13, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292847 Results