Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2016-2025

    HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Catalog, and Mobility components.... Read more

    Affected Products : service_manager
    • Published: May. 30, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-2023

    HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : restful_interface_tool
    • Published: May. 30, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1999

    The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.... Read more

    Affected Products : release_control
    • Published: May. 30, 2016
    • Modified: Apr. 12, 2025

  • 5.9

    MEDIUM
    CVE-2016-0907

    EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before 8.0.0.1, and IsilonSD Edge OneFS 8.0.x before 8.0.0.1, does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by mo... Read more

    Affected Products : isilon_onefs isilonsd_edge_onefs
    • Published: May. 30, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-1409

    The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug... Read more

    Affected Products : ios_xe ios nx-os ios_xr
    • Published: May. 29, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-1404

    Cisco UCS Invicta 4.3, 4.5, and 5.0.1 on Invicta appliances and Invicta Scaling System uses the same hardcoded GnuPG encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by s... Read more

    Affected Products : ucs_invicta_c3124sa_appliance
    • Published: May. 29, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-1413

    The web interface in Cisco Firepower Management Center 5.4.0 through 6.0.0.1 allows remote authenticated users to modify pages by placing crafted code in a parameter value, aka Bug ID CSCuy76517.... Read more

    • Published: May. 28, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-1410

    Cisco WebEx Meeting Center Original Release Base allows remote attackers to obtain sensitive information about username validity by (1) attending or (2) hosting a meeting, aka Bug ID CSCux84312.... Read more

    Affected Products : webex_meeting_center
    • Published: May. 28, 2016
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2016-1379

    Cisco Adaptive Security Appliance (ASA) Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted (1) LAN-to-LAN or (2) Remote Access VPN tunnel pack... Read more

    • Published: May. 28, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3681

    Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain priv... Read more

    Affected Products : mate_8_firmware mate_8
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3680

    Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain priv... Read more

    Affected Products : mate_8_firmware mate_8
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-0718

    Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.... Read more

    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2016-1385

    The XML parser in Cisco Adaptive Security Appliance (ASA) Software through 9.5.2 allows remote authenticated users to cause a denial of service (instability, memory consumption, or device reload) by leveraging (1) administrative access or (2) Clientless S... Read more

    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2015-7360

    Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface (WebUI) in Fortinet FortiSandbox before 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) serial parameter to alerts/summary/profile/; the (2) urlFor... Read more

    Affected Products : fortisandbox_firmware fortisandbox
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-4792

    Pulse Connect Secure (PCS) 8.2 before 8.2r1 allows remote attackers to disclose sign in pages via unspecified vectors.... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 8.6

    HIGH
    CVE-2016-4791

    The administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote administrators to enumerate files, read arbitrary files, and conduct server side request forgery (S... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-4790

    Cross-site scripting (XSS) vulnerability in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via un... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-4789

    Cross-site scripting (XSS) vulnerability in the system configuration section in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 5.8

    MEDIUM
    CVE-2016-4788

    Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read an unspecified system file via unknown vectors.... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2016-4787

    Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read sensitive system authentication files in an unspecified directory via unknown vectors.... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Published: May. 26, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 293354 Results