Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2015-8652

    Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to ... Read more

    • EPSS Score: %5.73
    • Published: Mar. 04, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-2283

    Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt data, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors.... Read more

    • EPSS Score: %0.42
    • Published: Mar. 04, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-2282

    Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt credentials, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors.... Read more

    • EPSS Score: %0.57
    • Published: Mar. 04, 2016
    • Modified: Apr. 12, 2025

  • 5.9

    MEDIUM
    CVE-2016-2244

    HP LaserJet printers and MFPs and OfficeJet Enterprise printers with firmware before 3.7.01 allow remote attackers to obtain sensitive information via unspecified vectors.... Read more

    • EPSS Score: %0.70
    • Published: Mar. 04, 2016
    • Modified: Apr. 12, 2025

  • 7.9

    HIGH
    CVE-2016-2243

    Sure Start on HP Commercial PCs 2015 allows local users to cause a denial of service (BIOS recovery failure) by leveraging administrative access.... Read more

    • EPSS Score: %0.04
    • Published: Mar. 04, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-1359

    Cisco Prime Infrastructure 3.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP request that is mishandled during viewing of a log file, aka Bug ID CSCuw81494.... Read more

    Affected Products : prime_infrastructure
    • EPSS Score: %0.51
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 6.4

    MEDIUM
    CVE-2016-1358

    Cisco Prime Infrastructure 2.2, 3.0, and 3.1(0.0) allows remote authenticated users to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration in conjunction with an entity reference, related to an X... Read more

    Affected Products : prime_infrastructure
    • EPSS Score: %0.49
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-1357

    The password-management administration component in Cisco Policy Suite (CPS) 7.0.1.3, 7.0.2, 7.0.2-att, 7.0.3-att, 7.0.4-att, and 7.5.0 allows remote attackers to bypass intended RBAC restrictions and read unspecified data via unknown vectors, aka Bug ID ... Read more

    Affected Products : cisco_policy_suite
    • EPSS Score: %0.17
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2016-1356

    Cisco FireSIGHT System Software 6.1.0 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to enumerate valid usernames by measuring timing differences, aka Bug ID CSCuy41615.... Read more

    Affected Products : firesight_system_software
    • EPSS Score: %0.24
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-1288

    The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (service outage) by leveraging certain intranet connectivity and sending a malf... Read more

    • EPSS Score: %0.44
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-1158

    Cross-site request forgery (CSRF) vulnerability on Corega CG-WLBARGMH and CG-WLBARGNL devices allows remote attackers to hijack the authentication of administrators for requests that perform administrative functions.... Read more

    • EPSS Score: %0.18
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2016-0227

    Cross-site scripting (XSS) vulnerability in the document-list control implementation in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, and 8.5.5 and 8.5.6 through 8.5.6.2 allows remote authenticated users to inject arbitrar... Read more

    Affected Products : business_process_manager
    • EPSS Score: %0.24
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-7490

    IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3 through 11.3.1.2, and 11.5 allows remote authenticated users to bypass intended access restrictions via a modified cookie.... Read more

    Affected Products : infosphere_information_server
    • EPSS Score: %0.13
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-6260

    Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote attackers to cause a denial of service (SNMP application restart) via a crafted packet, aka Bug ID CSCut84645.... Read more

    • EPSS Score: %0.37
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-0718

    Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a ... Read more

    • EPSS Score: %5.96
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-2842

    The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to cause a denial of service (out-of-bounds write or memory co... Read more

    Affected Products : openssl
    • EPSS Score: %66.47
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0799

    The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (overflow and out-of-bounds read) or possibly have unspecif... Read more

    Affected Products : openssl client steel_belted_radius
    • EPSS Score: %63.08
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-0798

    Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory consumption) by providing an invalid username in a connection attempt, related to a... Read more

    Affected Products : openssl
    • EPSS Score: %16.54
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-0797

    Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allow remote attackers to cause a denial of service (heap memory corruption or NULL pointer dereference) or possibly have unspecified other impact via a long digit string th... Read more

    • EPSS Score: %13.93
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0705

    Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact v... Read more

    • EPSS Score: %21.56
    • Published: Mar. 03, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291891 Results