Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 6.8

    MEDIUM
    CVE-2015-7441

    Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and Business Process Manager Advanced 7.5 through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.2 does not properly use SSL for its HTTPS ...

    • EPSS Score: %0.25
    • Published: Jan. 01, 2016
    • Modified: Apr. 12, 2025
  • 8.8

    HIGH
    CVE-2015-5990

    Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17 allows remote attackers to hijack the authentication of arbitrary users.

    Affected Products : gs1900-10hp_firmware
    • EPSS Score: %0.11
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-5989

    Belkin F9K1102 2 devices with firmware 2.10.17 rely on client-side JavaScript code for authorization, which allows remote attackers to obtain administrative privileges via certain changes to LockStatus and Login_Success values.

    Affected Products : gs1900-10hp_firmware
    • EPSS Score: %1.08
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 9.8

    CRITICAL
    CVE-2015-5988

    The web management interface on Belkin F9K1102 2 devices with firmware 2.10.17 has a blank password, which allows remote attackers to obtain administrative privileges by leveraging a LAN session.

    Affected Products : gs1900-10hp_firmware
    • EPSS Score: %0.51
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 8.6

    HIGH
    CVE-2015-5987

    Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value.

    Affected Products : gs1900-10hp_firmware
    • EPSS Score: %0.52
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 7.4

    HIGH
    CVE-2015-1947

    Untrusted search path vulnerability in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0, when a DB2 database is used, allows local users to gain privileges via a Trojan horse library that is loaded by a setuid or setgid program.

    Affected Products : infosphere_biginsights
    • EPSS Score: %0.06
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 5.3

    MEDIUM
    CVE-2015-7447

    IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF09 allows remote attackers to bypass intended Portal AccessControl REST API access restrictions and obta...

    Affected Products : websphere_portal
    • EPSS Score: %0.25
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 8.0

    HIGH
    CVE-2015-7284

    Cross-site request forgery (CSRF) vulnerability on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 allows remote attackers to hijack the authentication of arbitrary users.

    Affected Products : nbg-418n_firmware nbg-418n
    • EPSS Score: %0.12
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 9.3

    HIGH
    CVE-2015-7283

    The web administration interface on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 has a default password of 1234 for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session.

    Affected Products : nbg-418n_firmware nbg-418n
    • EPSS Score: %1.58
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 5.8

    MEDIUM
    CVE-2015-7282

    ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port.

    Affected Products : wrt300n-dd_firmware wrt300n-dd
    • EPSS Score: %0.24
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 8.8

    HIGH
    CVE-2015-7281

    Cross-site request forgery (CSRF) vulnerability on ReadyNet WRT300N-DD devices with firmware 1.0.26 allows remote attackers to hijack the authentication of arbitrary users.

    Affected Products : wrt300n-dd_firmware wrt300n-dd
    • EPSS Score: %0.12
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-7280

    The web administration interface on ReadyNet WRT300N-DD devices with firmware 1.0.26 has a default password of admin for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session.

    Affected Products : wrt300n-dd_firmware wrt300n-dd
    • EPSS Score: %0.76
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 5.3

    MEDIUM
    CVE-2015-7279

    Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value.

    Affected Products : r10000_firmware r10000
    • EPSS Score: %0.58
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 8.8

    HIGH
    CVE-2015-7278

    Cross-site request forgery (CSRF) vulnerability on Amped Wireless R10000 devices with firmware 2.5.2.11 allows remote attackers to hijack the authentication of arbitrary users.

    Affected Products : r10000_firmware r10000
    • EPSS Score: %0.12
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 9.8

    CRITICAL
    CVE-2015-7277

    The web administration interface on Amped Wireless R10000 devices with firmware 2.5.2.11 has a default password of admin for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session.

    Affected Products : r10000_firmware r10000
    • EPSS Score: %0.92
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 8.3

    HIGH
    CVE-2015-6020

    ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 allow remote authenticated users to obtain administrative privileges by leveraging access to the user account.

    Affected Products : pmg5318-b20a_firmware
    • EPSS Score: %0.21
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 8.5

    HIGH
    CVE-2015-6019

    The management portal on ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 does not terminate sessions upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.

    Affected Products : pmg5318-b20a_firmware
    • EPSS Score: %0.33
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-6018

    The diagnostic-ping implementation on ZyXEL PMG5318-B20A devices with firmware before 1.00(AANC.2)C0 allows remote attackers to execute arbitrary commands via the PingIPAddr parameter.

    Affected Products : pmg5318-b20a_firmware
    • EPSS Score: %22.08
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 6.1

    MEDIUM
    CVE-2015-6017

    Multiple cross-site scripting (XSS) vulnerabilities in Forms/rpAuth_1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0) allow remote attackers to inject arbitrary web script or HTML via the (1) LoginPassword or (2) hiddenPassword parameter.

    Affected Products : p-660hw-t1_v2_firmware
    • EPSS Score: %0.54
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-6016

    ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspe...

    • EPSS Score: %5.57
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291589 Results