Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2015-4946

    Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x bef... Read more

    • EPSS Score: %0.05
    • Published: Jan. 03, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-1283

    The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, w... Read more

    Affected Products : fedora php solaris pcre
    • EPSS Score: %2.47
    • Published: Jan. 03, 2016
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-2007

    Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.5 Patch 6 allows remote authenticated users to read arbitrary files via a crafted URL.... Read more

    • EPSS Score: %0.17
    • Published: Jan. 03, 2016
    • Modified: Apr. 12, 2025

  • 5.6

    MEDIUM
    CVE-2015-1985

    The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows local users to bypass an intended password requirement and read private keys by leveraging the existence of a stash file.... Read more

    Affected Products : mq_appliance_m2000
    • EPSS Score: %0.04
    • Published: Jan. 03, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-1971

    Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manager (RQM) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0... Read more

    • EPSS Score: %0.25
    • Published: Jan. 03, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-8027

    Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP ... Read more

    Affected Products : node.js
    • EPSS Score: %1.50
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-7452

    IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before 7.6.0.3 FP3 and Maximo Asset Management 7.5 before 7.5.0.9 FP9, 7.5.1, and 7.6 before 7.6.0.3 FP3 for SmartCloud Control Desk allow remote authenticated users to obtain sensitive informatio... Read more

    • EPSS Score: %0.16
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-7450

    Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransf... Read more

    • Actively Exploited
    • EPSS Score: %93.83
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 4.7

    MEDIUM
    CVE-2015-7438

    IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive cleartext web-services information by leveraging database access.... Read more

    Affected Products : sterling_b2b_integrator
    • EPSS Score: %0.04
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-7437

    Queue Watcher in IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : sterling_b2b_integrator
    • EPSS Score: %0.04
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2015-7436

    IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos Business Intelligence before 10.2.1.1 IF12 preserves us... Read more

    Affected Products : tivoli_common_reporting
    • EPSS Score: %0.04
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2015-7435

    IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos Business Intelligence before 10.2.1.1 IF12 allows local... Read more

    Affected Products : tivoli_common_reporting
    • EPSS Score: %0.05
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2015-7431

    Cross-site scripting (XSS) vulnerability in Queue Watcher in IBM Sterling B2B Integrator 5.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.... Read more

    Affected Products : sterling_b2b_integrator
    • EPSS Score: %0.22
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 8.4

    HIGH
    CVE-2015-7430

    The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for IBM Spectrum Scale and General Parallel File System (GPFS) allows local users to read or write to arbitrary GPFS data via unspecified vectors.... Read more

    Affected Products : hadoop spectrum_scale
    • EPSS Score: %0.05
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    CRITICAL
    CVE-2015-7426

    The Data Protection extension in the VMware GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 7.1 before 7.1.3.0 and Tivoli Storage FlashCopy Manager for VMware (aka Spec... Read more

    • EPSS Score: %2.73
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-7422

    Buffer overflow in IBM i Access 7.1 on Windows allows local users to cause a denial of service (application crash) via unspecified vectors.... Read more

    Affected Products : windows i_access
    • EPSS Score: %0.08
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-7416

    AFP Workbench Viewer in IBM i Access 7.1 on Windows allows remote attackers to cause a denial of service (viewer crash) via a crafted workbench file.... Read more

    Affected Products : windows i_access
    • EPSS Score: %0.22
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2015-7407

    Cross-site request forgery (CSRF) vulnerability in Lotus Mashups in IBM Mashup Center 3.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.... Read more

    Affected Products : mashups_center
    • EPSS Score: %0.11
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-7403

    IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors.... Read more

    • EPSS Score: %0.06
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 7.7

    HIGH
    CVE-2015-7400

    The Lotus Mashups component in IBM Mashup Center 3.0.0.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XX... Read more

    Affected Products : mashups_center
    • EPSS Score: %0.77
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291712 Results