Latest CVE Feed
- 7.5 HIGH CVE-2016-1208
  The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors.
  - Published: May. 14, 2016
  - Modified: Apr. 12, 2025
- 6.5 MEDIUM CVE-2015-8530
  Stack-based buffer overflow in the Initialize function in an ActiveX control in IBM SPSS Statistics 19 and 20 before 20.0.0.2-IF0008, 21 before 21.0.0.2-IF0010, 22 before 22.0.0.2-IF0011, 23 before 23.0.0.3-IF0001, and 24 before 24.0.0.0-IF0003 allows rem...
  Affected Products: spss_statistics
  - Published: May. 14, 2016
  - Modified: Apr. 12, 2025
- 7.5 HIGH CVE-2016-1399
  The packet-processing microcode in Cisco IOS 15.2(2)EA, 15.2(2)EA1, 15.2(2)EA2, and 15.2(4)EA on Industrial Ethernet 4000 devices and 15.2(2)EB and 15.2(2)EB1 on Industrial Ethernet 5000 devices allows remote attackers to cause a denial of service (packet...
  Affected Products: ios, ios, ie-5000-12s12p-10g, ie-5000-16s12p, ie-4000-16gt4g-e, ie-4000-16t4g-e, ie-4000-4gc4gp4g-e, ie-4000-4gs8gp4g-e, ie-4000-4s8p4g-e, ie-4000-4t4p4g-e, +6 more products
  - Published: May. 14, 2016
  - Modified: Apr. 12, 2025
- 7.8 HIGH CVE-2015-8156
  Unquoted Windows search path vulnerability in EEDService in Symantec Endpoint Encryption (SEE) 11.x before 11.1.1 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.
  Affected Products: endpoint_encryption
  - Published: May. 14, 2016
  - Modified: Apr. 12, 2025
- 5.3 MEDIUM CVE-2016-4536
  The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information...
  Affected Products: openafs
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 9.8 CRITICAL CVE-2016-4024
  Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation.
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 8.2 HIGH CVE-2016-3994
  The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 7.5 HIGH CVE-2016-3993
  Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates.
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 6.5 MEDIUM CVE-2016-2860
  The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypass intended access restrictions and create arbitrary groups as administrators by leveraging mishandling of the creat...
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 7.8 HIGH CVE-2015-8312
  Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes.
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 5.9 MEDIUM CVE-2015-8099
  F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, ...
  Affected Products: big-ip_access_policy_manager, big-ip_advanced_firewall_manager, big-ip_analytics, big-ip_application_acceleration_manager, big-ip_application_security_manager, big-ip_domain_name_system, big-ip_global_traffic_manager, big-ip_link_controller, big-ip_local_traffic_manager, big-ip_policy_enforcement_manager, +11 more products
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 7.5 HIGH CVE-2014-9771
  Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation.
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 7.5 HIGH CVE-2014-9764
  imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file.
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 7.5 HIGH CVE-2014-9763
  imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file.
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 7.5 HIGH CVE-2014-9762
  imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap.
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 7.5 HIGH CVE-2011-5326
  imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse.
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 7.5 HIGH CVE-2016-2850
  Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 7.5 HIGH CVE-2016-2849
  Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack.
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 10.0 HIGH CVE-2016-2196
  Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (memory overwrite and crash) or execute arbitrary code via unspecified vectors.
  Affected Products: botan
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025
- 10.0 HIGH CVE-2016-2195
  Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point, which triggers a heap-based buffer overflow.
  - Published: May. 13, 2016
  - Modified: Apr. 12, 2025