Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2016-0860

    Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service via a crafted RPC request.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %1.28
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0859

    Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted RPC request.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %1.79
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-0858

    Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %1.15
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0857

    Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %8.21
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0856

    Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %60.94
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-0855

    Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %3.55
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0854

    Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess before 8.1 allows remote attackers to write to files of arbitrary types via unspecified vector... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %73.70
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-0853

    Advantech WebAccess before 8.1 allows remote attackers to obtain sensitive information via crafted input.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %0.52
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-0852

    Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %0.17
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-0851

    Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service (out-of-bounds memory access) via unspecified vectors.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %0.24
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-8281

    Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations.... Read more

    Affected Products : web_viewer
    • EPSS Score: %0.16
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-8280

    Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages.... Read more

    Affected Products : web_viewer
    • EPSS Score: %0.49
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 8.6

    HIGH
    CVE-2015-8279

    Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script.... Read more

    Affected Products : web_viewer
    • EPSS Score: %52.23
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6467

    Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code via vectors involving a browser plugin.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %0.62
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6423

    The DCERPC Inspection implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 through 9.5.1 allows remote authenticated users to bypass an intended DCERPC-only ACL by sending arbitrary network traffic, aka Bug ID CSCuu67782.... Read more

    • EPSS Score: %0.15
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-6336

    Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have a default account, which makes it easier for remote attackers to obtain access via unspecified vectors, aka Bug ID CSCuw58062.... Read more

    • EPSS Score: %0.45
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-6323

    The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote attackers to obtain administrative access via unspecified vectors, aka Bug ID CSCuw34253.... Read more

    Affected Products : identity_services_engine_software
    • EPSS Score: %1.49
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-6320

    The IP ingress packet handler on Cisco Aironet 1800 devices with software 8.1(112.3) and 8.1(112.4) allows remote attackers to cause a denial of service via a crafted header in an IP packet, aka Bug ID CSCuv63138.... Read more

    • EPSS Score: %0.53
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-6314

    Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153.... Read more

    • EPSS Score: %1.07
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2015-5007

    Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11, 7.0 through 7.0.0.9, and 7.0 Feature Pack 8 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequ... Read more

    Affected Products : websphere_commerce
    • EPSS Score: %0.11
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291513 Results