Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2016-1361

    Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a cra... Read more

    Affected Products : ios_xr xr_12404 xr_12406 xr_12410 xr_12416
    • Published: Mar. 12, 2016
    • Modified: Apr. 12, 2025

  • 7.1

    HIGH
    CVE-2016-1360

    Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390.... Read more

    Affected Products : prime_lan_management_solution
    • Published: Mar. 12, 2016
    • Modified: Apr. 12, 2025

  • 8.0

    HIGH
    CVE-2016-1338

    Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP outage) via a crafted SIP message, aka Bug ID CSCuu43026.... Read more

    • Published: Mar. 12, 2016
    • Modified: Apr. 12, 2025

  • 9.9

    CRITICAL
    CVE-2015-7411

    The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors.... Read more

    Affected Products : tivoli_monitoring
    • Published: Mar. 12, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2015-6485

    Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information fro... Read more

    • Published: Mar. 12, 2016
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2016-2088

    resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cookies are enabled, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed packet with more than one cookie option.... Read more

    Affected Products : bind
    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 8.6

    HIGH
    CVE-2016-1286

    named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.... Read more

    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2016-1285

    named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed pack... Read more

    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2016-0886

    EMC Documentum xCP 2.1 before patch 24 and 2.2 before patch 12 allows remote authenticated users to obtain sensitive user-account metadata via a members/xcp_member API call.... Read more

    Affected Products : documentum_xcp
    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6184

    The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and memory corruption) via a malformed Cascading Style Sheets (CSS) token seque... Read more

    Affected Products : windows_10 internet_explorer
    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1327

    Buffer overflow in the web server on Cisco DPC2203 and EPC2203 devices with firmware r1_customer_image allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCuv05935.... Read more

    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-1326

    The administration interface on Cisco DPQ3925 devices with firmware r1 allows remote attackers to cause a denial of service (device restart) via a crafted HTTP request, aka Bug ID CSCup48105.... Read more

    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-1325

    The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506.... Read more

    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-1312

    The HTTPS inspection engine in the Content Security and Control Security Services Module (CSC-SSM) 6.6 before 6.6.1164.0 for Cisco ASA 5500 devices allows remote attackers to cause a denial of service (memory consumption or device reload) via a flood of H... Read more

    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 7.1

    HIGH
    CVE-2016-2774

    ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing ... Read more

    Affected Products : ubuntu_linux debian_linux dhcp
    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1009

    Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 8.4

    HIGH
    CVE-2016-1008

    Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allows local users to gain priv... Read more

    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-1007

    Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0954

    Adobe Digital Editions before 4.5.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : digital_editions
    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-0134

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Off... Read more

    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292874 Results