Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2016-1409

    The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug... Read more

    Affected Products : ios_xe ios nx-os ios_xr
    • Published: May. 29, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-1404

    Cisco UCS Invicta 4.3, 4.5, and 5.0.1 on Invicta appliances and Invicta Scaling System uses the same hardcoded GnuPG encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by s... Read more

    Affected Products : ucs_invicta_c3124sa_appliance
    • Published: May. 29, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-1413

    The web interface in Cisco Firepower Management Center 5.4.0 through 6.0.0.1 allows remote authenticated users to modify pages by placing crafted code in a parameter value, aka Bug ID CSCuy76517.... Read more

    • Published: May. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-1410

    Cisco WebEx Meeting Center Original Release Base allows remote attackers to obtain sensitive information about username validity by (1) attending or (2) hosting a meeting, aka Bug ID CSCux84312.... Read more

    Affected Products : webex_meeting_center
    • Published: May. 28, 2016
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2016-1379

    Cisco Adaptive Security Appliance (ASA) Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted (1) LAN-to-LAN or (2) Remote Access VPN tunnel pack... Read more

    • Published: May. 28, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3681

    Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain priv... Read more

    Affected Products : mate_8_firmware mate_8
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3680

    Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain priv... Read more

    Affected Products : mate_8_firmware mate_8
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-0718

    Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.... Read more

    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2016-1385

    The XML parser in Cisco Adaptive Security Appliance (ASA) Software through 9.5.2 allows remote authenticated users to cause a denial of service (instability, memory consumption, or device reload) by leveraging (1) administrative access or (2) Clientless S... Read more

    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2015-7360

    Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface (WebUI) in Fortinet FortiSandbox before 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) serial parameter to alerts/summary/profile/; the (2) urlFor... Read more

    Affected Products : fortisandbox_firmware fortisandbox
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-4792

    Pulse Connect Secure (PCS) 8.2 before 8.2r1 allows remote attackers to disclose sign in pages via unspecified vectors.... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 8.6

    HIGH
    CVE-2016-4791

    The administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote administrators to enumerate files, read arbitrary files, and conduct server side request forgery (S... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-4790

    Cross-site scripting (XSS) vulnerability in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via un... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-4789

    Cross-site scripting (XSS) vulnerability in the system configuration section in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 5.8

    MEDIUM
    CVE-2016-4788

    Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read an unspecified system file via unknown vectors.... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2016-4787

    Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read sensitive system authentication files in an unspecified directory via unknown vectors.... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-4786

    Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r3, 8.0 before 8.0r11, and 7.4 before 7.4r13.4 allow remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-4021

    The read_binary function in buffer.c in pgpdump before 0.30 allows context-dependent attackers to cause a denial of service (infinite loop and CPU consumption) via crafted input, as demonstrated by the \xa3\x03 string.... Read more

    Affected Products : fedora pgpdump
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 4.7

    MEDIUM
    CVE-2016-2784

    CMS Made Simple 2.x before 2.1.3 and 1.x before 1.12.2, when Smarty Cache is activated, allow remote attackers to conduct cache poisoning attacks, modify links, and conduct cross-site scripting (XSS) attacks via a crafted HTTP Host header in a request.... Read more

    Affected Products : cms_made_simple
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-4575

    Cross-site scripting (XSS) vulnerability in the email APP in Huawei PLK smartphones with software AL10C00 before AL10C00B211 and AL10C92 before AL10C92B211; ATH smartphones with software AL00C00 before AL00C00B361, CL00C92 before CL00C92B361, TL00HC01 bef... Read more

    • Published: May. 25, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 293350 Results