Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 7.1

    HIGH
    CVE-2015-6324

    The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) software 9.0 before 9.0(4.37), 9.1 before 9.1(6.6), 9.2 before 9.2(4), 9.3 before 9.3(3.5), and 9.4 before 9.4(2) allows remote attackers to cause a denial of service (device reloa... Read more

    • EPSS Score: %0.28
    • Published: Oct. 25, 2015
    • Modified: Apr. 12, 2025
  • 2.1

    LOW
    CVE-2015-1005

    IniNet embeddedWebServer (aka eWebServer) before 2.02 for Windows CE uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : scada_web_server
    • EPSS Score: %0.06
    • Published: Oct. 25, 2015
    • Modified: Apr. 12, 2025
  • 5.0

    MEDIUM
    CVE-2015-1003

    Directory traversal vulnerability in IniNet embeddedWebServer (aka eWebServer) before 2.02 allows remote attackers to read arbitrary files via a crafted pathname.... Read more

    Affected Products : scada_web_server
    • EPSS Score: %0.54
    • Published: Oct. 25, 2015
    • Modified: Apr. 12, 2025
  • 6.4

    MEDIUM
    CVE-2015-1002

    IniNet embeddedWebServer (aka eWebServer) before 2.02 mishandles URL encoding, which allows remote attackers to write to or delete files via a crafted string.... Read more

    Affected Products : scada_web_server
    • EPSS Score: %0.50
    • Published: Oct. 25, 2015
    • Modified: Apr. 12, 2025
  • 10.0

    HIGH
    CVE-2015-1001

    Multiple stack-based buffer overflows in IniNet embeddedWebServer (aka eWebServer) before 2.02 allow remote attackers to execute arbitrary code via a long field in an HTTP request.... Read more

    Affected Products : scada_web_server
    • EPSS Score: %1.35
    • Published: Oct. 25, 2015
    • Modified: Apr. 12, 2025
  • 5.8

    MEDIUM
    CVE-2015-7023

    CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite cookies via unspecified vectors.... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %0.74
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
  • 7.2

    HIGH
    CVE-2015-7021

    The Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to gain privileges or cause a denial of service (kernel memory corruption) via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.04
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
  • 5.6

    MEDIUM
    CVE-2015-7020

    The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via unspecified vectors, a different ... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.04
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
  • 5.6

    MEDIUM
    CVE-2015-7019

    The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via unspecified vectors, a different ... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.04
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
  • 6.8

    MEDIUM
    CVE-2015-7018

    FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-69... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %1.87
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
  • 7.6

    HIGH
    CVE-2015-7016

    The MCX Application Restrictions component in Apple OS X before 10.11.1, when Managed Configuration is enabled, mishandles provisioning profiles, which allows attackers to bypass intended entitlement restrictions and gain privileges via a crafted develope... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.33
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
  • 6.8

    MEDIUM
    CVE-2015-7015

    Heap-based buffer overflow in the DNS client library in configd in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code via a crafted app that sends a spoofed configd response to a client.... Read more

    Affected Products : mac_os_x iphone_os watchos
    • EPSS Score: %1.16
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
  • 6.8

    MEDIUM
    CVE-2015-7014

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerabil... Read more

    Affected Products : itunes iphone_os safari
    • EPSS Score: %1.17
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
  • 6.8

    MEDIUM
    CVE-2015-7013

    WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other We... Read more

    Affected Products : itunes mac_os_x iphone_os
    • EPSS Score: %1.53
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
  • 6.8

    MEDIUM
    CVE-2015-7012

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerabil... Read more

    Affected Products : itunes iphone_os safari
    • EPSS Score: %1.64
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
  • 6.8

    MEDIUM
    CVE-2015-7011

    WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other We... Read more

    Affected Products : itunes safari
    • EPSS Score: %1.66
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
  • 6.8

    MEDIUM
    CVE-2015-7010

    FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-69... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %1.87
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
  • 6.8

    MEDIUM
    CVE-2015-7009

    FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-69... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %1.87
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
  • 6.8

    MEDIUM
    CVE-2015-7008

    FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-69... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %1.87
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2015-7007

    Script Editor in Apple OS X before 10.11.1 allows remote attackers to bypass an intended user-confirmation requirement for AppleScript execution via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %78.16
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291750 Results