Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.9

    MEDIUM
    CVE-2016-1262

    Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote attacker... Read more

    Affected Products : junos junos
    • EPSS Score: %0.61
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-1260

    Juniper Junos OS before 13.2X51-D36, 14.1X53 before 14.1X53-D25, and 15.2 before 15.2R1 on EX4300 series switches allow remote attackers to cause a denial of service (network loop and bandwidth consumption) via unspecified vectors related to Spanning Tree... Read more

    Affected Products : junos junos
    • EPSS Score: %0.48
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-1258

    Embedthis Appweb, as used in J-Web in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2X51 before 13.2X51-D20, 13.3 before 13.3R8, 14.1 before 14.1R6, and 14.... Read more

    Affected Products : junos junos
    • EPSS Score: %0.44
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 5.9

    MEDIUM
    CVE-2016-1257

    The Routing Engine in Juniper Junos OS 13.2R5 through 13.2R8, 13.3R1 before 13.3R8, 13.3R7 before 13.3R7-S3, 14.1R1 before 14.1R6, 14.1R3 before 14.1R3-S9, 14.1R4 before 14.1R4-S7, 14.1X51 before 14.1X51-D65, 14.1X53 before 14.1X53-D12, 14.1X53 before 14.... Read more

    Affected Products : junos junos
    • EPSS Score: %0.61
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-1256

    Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R7, 14.1 before 14.1R5, 14.1X53 before 14.1X53-D1... Read more

    Affected Products : junos junos
    • EPSS Score: %0.48
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 5.9

    MEDIUM
    CVE-2015-8749

    The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message when using the Xen backend, which might allow attackers ... Read more

    Affected Products : nova
    • EPSS Score: %0.94
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 5.8

    MEDIUM
    CVE-2015-8688

    Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza.... Read more

    Affected Products : gajim
    • EPSS Score: %0.56
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2015-8685

    Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) external calendar url or (2) the bank name field in the "import external calendar" page.... Read more

    Affected Products : dolibarr_erp\/crm dolibarr
    • EPSS Score: %0.21
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 6.2

    MEDIUM
    CVE-2015-8675

    Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proximate attackers to obtain sensitive password information by reading the display.... Read more

    Affected Products : s5300_firmware s5300
    • EPSS Score: %0.03
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-1898

    FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of ... Read more

    Affected Products : ubuntu_linux leap ffmpeg
    • EPSS Score: %33.18
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-1897

    FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a lo... Read more

    Affected Products : ubuntu_linux leap ffmpeg
    • EPSS Score: %57.76
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0860

    Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service via a crafted RPC request.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %1.28
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0859

    Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted RPC request.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %1.79
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-0858

    Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %1.15
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0857

    Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %8.21
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0856

    Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %60.94
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-0855

    Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %3.55
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0854

    Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess before 8.1 allows remote attackers to write to files of arbitrary types via unspecified vector... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %73.70
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-0853

    Advantech WebAccess before 8.1 allows remote attackers to obtain sensitive information via crafted input.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %0.52
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-0852

    Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %0.17
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291384 Results