Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2016-2212

    The getOrderByStatusUrlKey function in the Mage_Rss_Helper_Order class in app/code/core/Mage/Rss/Helper/Order.php in Magento Enterprise Edition before 1.14.2.3 and Magento Community Edition before 1.9.2.3 allows remote attackers to obtain sensitive order ... Read more

    Affected Products : magento
    • EPSS Score: %0.13
    • Published: Apr. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-2146

    The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to cause a denial of service (worker process crash, web server deadlock, or memory consumption) via a large amount of POS... Read more

    Affected Products : fedora mod_auth_mellon
    • EPSS Score: %0.65
    • Published: Apr. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-2145

    The am_read_post_data function in mod_auth_mellon before 0.11.1 does not check if the ap_get_client_block function returns an error, which allows remote attackers to cause a denial of service (segmentation fault and process crash) via a crafted POST data.... Read more

    Affected Products : fedora mod_auth_mellon
    • EPSS Score: %0.80
    • Published: Apr. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.6

    HIGH
    CVE-2016-2076

    Client Integration Plugin (CIP) in VMware vCenter Server 5.5 U3a, U3b, and U3c and 6.0 before U2; vCloud Director 5.5.5; and vRealize Automation Identity Appliance 6.2.4 before 6.2.4.1 mishandles session content, which allows remote attackers to hijack se... Read more

    • EPSS Score: %0.44
    • Published: Apr. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-1274

    Juniper Junos OS 14.1X53 before 14.1X53-D30 on QFX Series switches allows remote attackers to cause a denial of service (PFE panic) via a high rate of unspecified VXLAN packets.... Read more

    • EPSS Score: %0.61
    • Published: Apr. 15, 2016
    • Modified: Apr. 12, 2025

  • 5.9

    MEDIUM
    CVE-2016-1273

    Juniper Junos OS before 13.2X51-D40, 14.x before 14.1X53-D30, and 15.x before 15.1X53-D20 on QFX5100 and QFX10002 switches do not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic encryption and authentication pro... Read more

    Affected Products : junos qfx5100 qfx10002
    • EPSS Score: %0.18
    • Published: Apr. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-1271

    Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D25, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.2 before 14.2R4, 15.1 before 15.1R1 or 15.1F2, and 15.1X49 before 15.1X49-D15 ... Read more

    Affected Products : junos junos
    • EPSS Score: %0.04
    • Published: Apr. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-1270

    The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2... Read more

    Affected Products : junos junos
    • EPSS Score: %0.60
    • Published: Apr. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-1269

    Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R9, 13.2X51 before 13.2X51-D39, 13.3 before 13.3R8, 14.1 before 14.1R6, 14.1X53 before 14.1X53-D3... Read more

    Affected Products : junos junos
    • EPSS Score: %2.89
    • Published: Apr. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-1268

    The administrative web services interface in Juniper ScreenOS before 6.3.0r21 allows remote attackers to cause a denial of service (reboot) via a crafted SSL packet.... Read more

    Affected Products : screenos
    • EPSS Score: %0.56
    • Published: Apr. 15, 2016
    • Modified: Apr. 12, 2025

  • 6.7

    MEDIUM
    CVE-2016-1267

    Race condition in the RPC functionality in Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D39, 13.3 before 13.3R7, 14... Read more

    Affected Products : junos junos
    • EPSS Score: %0.04
    • Published: Apr. 15, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-1264

    Race condition in the Op command in Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D20, 12.3X50 before 12.3X50-D50, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D39, 1... Read more

    Affected Products : junos junos
    • EPSS Score: %0.81
    • Published: Apr. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0889

    An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname.... Read more

    Affected Products : emc_unisphere unisphere
    • EPSS Score: %1.71
    • Published: Apr. 15, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2010-5325

    Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.... Read more

    • EPSS Score: %5.96
    • Published: Apr. 15, 2016
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-8677

    Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus series switches with software V200R003C00 before V200R003SPH011 and V200R005C00 before V200R005SPH008; S2350EI and S5300LI Campus series switches with software V200R003C00 before V200R003... Read more

    • EPSS Score: %0.24
    • Published: Apr. 14, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-8676

    Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200R001C00 before V200R001SPH018, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; S9300, S7700, and S9700 Campus... Read more

    • EPSS Score: %0.28
    • Published: Apr. 14, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-8336

    Huawei FusionCompute with software before V100R005C10SPC700 allows remote authenticated users to obtain sensitive "role and permission" information via unspecified vectors.... Read more

    • EPSS Score: %0.08
    • Published: Apr. 14, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2015-5247

    The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool.... Read more

    Affected Products : ubuntu_linux libvirt
    • EPSS Score: %0.39
    • Published: Apr. 14, 2016
    • Modified: Apr. 12, 2025

  • 5.9

    MEDIUM
    CVE-2011-4600

    The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via... Read more

    Affected Products : ubuntu_linux libvirt
    • EPSS Score: %0.35
    • Published: Apr. 14, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-4018

    The Data Provisioning Agent (aka DP Agent) in SAP HANA does not properly restrict access to service functionality, which allows remote attackers to obtain sensitive information, gain privileges, and conduct unspecified other attacks via unspecified vector... Read more

    Affected Products : hana
    • EPSS Score: %0.41
    • Published: Apr. 14, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292321 Results