Latest CVE Feed
-
9.3
HIGHCVE-2016-0961
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers... Read more
Affected Products : android windows_10 windows_8.1 linux_kernel flash_player_desktop_runtime flash_player mac_os_x iphone_os chrome_os windows +5 more products- EPSS Score: %7.38
- Published: Mar. 12, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-0960
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers... Read more
Affected Products : android windows_10 windows_8.1 linux_kernel flash_player_desktop_runtime flash_player mac_os_x iphone_os chrome_os windows +5 more products- EPSS Score: %8.78
- Published: Mar. 12, 2016
- Modified: Apr. 12, 2025
-
6.5
MEDIUMCVE-2015-7448
SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 IFIX003, and 7.6.0 before 7.6.0.3 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 IFIX003, 7.5.1, and 7.6.0 before 7.6.0.3 IFIX001 for SmartCloud C... Read more
Affected Products : maximo_asset_management maximo_for_life_sciences maximo_for_nuclear_power maximo_for_oil_and_gas maximo_for_transportation maximo_for_utilities smartcloud_control_desk change_and_configuration_management_database maximo_asset_management_essentials maximo_for_government +3 more products- EPSS Score: %0.13
- Published: Mar. 12, 2016
- Modified: Apr. 12, 2025
-
8.8
HIGHCVE-2015-7446
Cross-site request forgery (CSRF) vulnerability in IBM Flash System V9000 7.4 before 7.4.1.4, 7.5 before 7.5.1.3, and 7.6 before 7.6.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.... Read more
- EPSS Score: %0.14
- Published: Mar. 12, 2016
- Modified: Apr. 12, 2025
-
4.3
MEDIUMCVE-2016-1562
The REST API in the DTE Energy Insight application before 1.7.8 for Android allows remote authenticated users to obtain unspecified customer information via a SQL expression in the filter parameter.... Read more
Affected Products : insight- EPSS Score: %0.35
- Published: Mar. 12, 2016
- Modified: Apr. 12, 2025
-
5.3
MEDIUMCVE-2016-1361
Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a cra... Read more
- EPSS Score: %0.10
- Published: Mar. 12, 2016
- Modified: Apr. 12, 2025
-
7.1
HIGHCVE-2016-1360
Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390.... Read more
Affected Products : prime_lan_management_solution- EPSS Score: %0.06
- Published: Mar. 12, 2016
- Modified: Apr. 12, 2025
-
8.0
HIGHCVE-2016-1338
Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP outage) via a crafted SIP message, aka Bug ID CSCuu43026.... Read more
Affected Products : telepresence_video_communication_server_software- EPSS Score: %0.65
- Published: Mar. 12, 2016
- Modified: Apr. 12, 2025
-
9.9
CRITICALCVE-2015-7411
The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors.... Read more
Affected Products : tivoli_monitoring- EPSS Score: %0.79
- Published: Mar. 12, 2016
- Modified: Apr. 12, 2025
-
5.3
MEDIUMCVE-2015-6485
Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information fro... Read more
Affected Products : telvent_rtu_firmware sage_1410 sage_1430 sage_1450 sage_2400 sage_3030m sage_landac_ii-2 sage_2300- EPSS Score: %0.42
- Published: Mar. 12, 2016
- Modified: Apr. 12, 2025
-
6.8
MEDIUMCVE-2016-2088
resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cookies are enabled, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed packet with more than one cookie option.... Read more
Affected Products : bind- EPSS Score: %48.56
- Published: Mar. 09, 2016
- Modified: Apr. 12, 2025
-
8.6
HIGHCVE-2016-1286
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.... Read more
Affected Products : ubuntu_linux fedora debian_linux leap junos opensuse linux_enterprise_server linux_enterprise_desktop linux_enterprise_software_development_kit bind +37 more products- EPSS Score: %54.99
- Published: Mar. 09, 2016
- Modified: Apr. 12, 2025
-
6.8
MEDIUMCVE-2016-1285
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed pack... Read more
Affected Products : ubuntu_linux fedora debian_linux leap junos opensuse linux_enterprise_server linux_enterprise_desktop linux_enterprise_software_development_kit bind +37 more products- EPSS Score: %64.26
- Published: Mar. 09, 2016
- Modified: Apr. 12, 2025
-
4.3
MEDIUMCVE-2016-0886
EMC Documentum xCP 2.1 before patch 24 and 2.2 before patch 12 allows remote authenticated users to obtain sensitive user-account metadata via a members/xcp_member API call.... Read more
Affected Products : documentum_xcp- EPSS Score: %0.20
- Published: Mar. 09, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2015-6184
The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and memory corruption) via a malformed Cascading Style Sheets (CSS) token seque... Read more
- EPSS Score: %49.66
- Published: Mar. 09, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2016-1327
Buffer overflow in the web server on Cisco DPC2203 and EPC2203 devices with firmware r1_customer_image allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCuv05935.... Read more
- EPSS Score: %3.58
- Published: Mar. 09, 2016
- Modified: Apr. 12, 2025
-
7.8
HIGHCVE-2016-1326
The administration interface on Cisco DPQ3925 devices with firmware r1 allows remote attackers to cause a denial of service (device restart) via a crafted HTTP request, aka Bug ID CSCup48105.... Read more
- EPSS Score: %0.32
- Published: Mar. 09, 2016
- Modified: Apr. 12, 2025
-
7.8
HIGHCVE-2016-1325
The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506.... Read more
- EPSS Score: %0.18
- Published: Mar. 09, 2016
- Modified: Apr. 12, 2025
-
7.8
HIGHCVE-2016-1312
The HTTPS inspection engine in the Content Security and Control Security Services Module (CSC-SSM) 6.6 before 6.6.1164.0 for Cisco ASA 5500 devices allows remote attackers to cause a denial of service (memory consumption or device reload) via a flood of H... Read more
- EPSS Score: %0.74
- Published: Mar. 09, 2016
- Modified: Apr. 12, 2025
-
7.1
HIGHCVE-2016-2774
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing ... Read more
- EPSS Score: %69.96
- Published: Mar. 09, 2016
- Modified: Apr. 12, 2025