Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.3

    HIGH
    CVE-2016-1733

    AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: 0.23%
    • Published: Mar. 24, 2016
    • Modified: Apr. 12, 2025
  • 5.5

    MEDIUM
    CVE-2016-1732

    AppleRAID in Apple OS X before 10.11.4 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors.

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: 0.05%
    • Published: Mar. 24, 2016
    • Modified: Apr. 12, 2025
  • 6.1

    MEDIUM
    CVE-2016-1599

    Cross-site scripting (XSS) vulnerability in NetIQ Self Service Password Reset (SSPR) 2.x and 3.x before 3.3.1 HF2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

    • EPSS Score: 0.25%
    • Published: Mar. 24, 2016
    • Modified: Apr. 12, 2025
  • 8.4

    HIGH
    CVE-2015-7551

    The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to ex...

    Affected Products : ruby mac_os_x
    • EPSS Score: 0.11%
    • Published: Mar. 24, 2016
    • Modified: Apr. 12, 2025
  • 9.1

    CRITICAL
    CVE-2015-6854

    The non-Domino web agents in CA Single Sign-On (aka SSO, formerly SiteMinder) R6, R12.0 before SP3 CR13, R12.0J before SP3 CR1.2, and R12.5 before CR5 allow remote attackers to cause a denial of service (daemon crash) or obtain sensitive information via a...

    Affected Products : single_sign-on single_sign-on
    • EPSS Score: 0.64%
    • Published: Mar. 24, 2016
    • Modified: Apr. 12, 2025
  • 9.1

    CRITICAL
    CVE-2015-6853

    The Domino web agent in CA Single Sign-On (aka SSO, formerly SiteMinder) R6, R12.0 before SP3 CR13, R12.0J before SP3 CR1.2, R12.5 before CR5, R12.51 before CR4, and R12.52 before SP1 CR3 allows remote attackers to cause a denial of service (daemon crash)...

    Affected Products : single_sign-on single_sign-on
    • EPSS Score: 0.81%
    • Published: Mar. 24, 2016
    • Modified: Apr. 12, 2025
  • 4.3

    MEDIUM
    CVE-2009-2197

    Apple Safari before 9.1 allows remote attackers to spoof the user interface via a web page that places text in a crafted context, leading to unintended use of that text within a Safari dialog.

    Affected Products : safari
    • EPSS Score: 0.38%
    • Published: Mar. 24, 2016
    • Modified: Apr. 12, 2025
  • 6.4

    MEDIUM
    CVE-2016-3116

    CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data.

    Affected Products : dropbear_ssh dropbear_ssh_server
    • EPSS Score: 27.58%
    • Published: Mar. 22, 2016
    • Modified: Apr. 12, 2025
  • 6.4

    MEDIUM
    CVE-2016-3115

    Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_r...

    Affected Products : openssh vm_server
    • EPSS Score: 56.75%
    • Published: Mar. 22, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-1998

    HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

    Affected Products : service_manager
    • EPSS Score: 1.67%
    • Published: Mar. 22, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-1997

    HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

    • EPSS Score: 2.58%
    • Published: Mar. 22, 2016
    • Modified: Apr. 12, 2025
  • 4.3

    MEDIUM
    CVE-2015-7454

    Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 and Business Process Manager Advanced 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0.x through 8.5.0.2, 8.5.5.x through 8.5.5.0, and 8.5.6.x through 8.5.6.2 allows remote authenti...

    • EPSS Score: 0.16%
    • Published: Mar. 21, 2016
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2016-2245

    HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors.

    Affected Products : support_assistant
    • EPSS Score: 14.45%
    • Published: Mar. 19, 2016
    • Modified: Apr. 12, 2025
  • 6.1

    MEDIUM
    CVE-2016-0283

    Cross-site scripting (XSS) vulnerability in the OpenID Connect (OIDC) client web application in IBM WebSphere Application Server (WAS) Liberty Profile 8.5.5 before 8.5.5.9 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

    Affected Products : websphere_application_server
    • EPSS Score: 0.27%
    • Published: Mar. 19, 2016
    • Modified: Apr. 12, 2025
  • 6.1

    MEDIUM
    CVE-2016-2287

    Cross-site scripting (XSS) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

    Affected Products : 442sr_os 442sr
    • EPSS Score: 0.34%
    • Published: Mar. 19, 2016
    • Modified: Apr. 12, 2025
  • 6.5

    MEDIUM
    CVE-2015-2286

    lms/templates/footer-edx-new.html in Open edX edx-platform before 2015-01-29 does not properly restrict links on the password-reset page, which allows user-assisted remote attackers to discover password-reset tokens by reading a referer log after a victim...

    Affected Products : open_edx
    • EPSS Score: 0.34%
    • Published: Mar. 19, 2016
    • Modified: Apr. 12, 2025
  • 3.6

    LOW
    CVE-2016-3155

    Siemens APOGEE Insight uses weak permissions for the application folder, which allows local users to obtain sensitive information or modify data via unspecified vectors.

    Affected Products : apogee_insight
    • EPSS Score: 0.04%
    • Published: Mar. 18, 2016
    • Modified: Apr. 12, 2025
  • 7.2

    HIGH
    CVE-2016-2281

    Untrusted search path vulnerability in ABB Panel Builder 800 5.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

    Affected Products : panel_builder_800
    • EPSS Score: 0.04%
    • Published: Mar. 18, 2016
    • Modified: Apr. 12, 2025
  • 9.3

    HIGH
    CVE-2015-8154

    The SysPlant.sys driver in the Application and Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6-MP4 allows remote attackers to execute arbitrary code via a crafted HTML document, related to "RWX Permission...

    • EPSS Score: 1.68%
    • Published: Mar. 18, 2016
    • Modified: Apr. 12, 2025
  • 8.8

    HIGH
    CVE-2015-8153

    SQL injection vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

    Affected Products : endpoint_protection_manager
    • EPSS Score: 0.87%
    • Published: Mar. 18, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292508 Results