Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.5

    LOW
    CVE-2015-4791

    Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.... Read more

    Affected Products : mysql
    • EPSS Score: %0.27
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-4766

    Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall.... Read more

    Affected Products : mysql
    • EPSS Score: %0.13
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-4762

    Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 and 12.2.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Online patching.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %0.17
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-4734

    Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS.... Read more

    Affected Products : jdk jre
    • EPSS Score: %2.28
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-4730

    Unspecified vulnerability in Oracle MySQL 5.6.20 and earlier allows remote authenticated users to affect availability via unknown vectors related to Types.... Read more

    Affected Products : mysql
    • EPSS Score: %0.39
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 4.4

    MEDIUM
    CVE-2015-2642

    Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Gzip.... Read more

    Affected Products : solaris
    • EPSS Score: %0.13
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.6

    LOW
    CVE-2015-2633

    Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.0.1 and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Ops Center.... Read more

    • EPSS Score: %0.16
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-2608

    Unspecified vulnerability in (1) the Oracle Communications Diameter Signaling Router (DSR) component in Oracle Communications Applications 4.1.6 and earlier, 5.1.0 and earlier, 6.0.2 and earlier, and 7.1.0 and earlier; (2) the Oracle Communications Perfor... Read more

    Affected Products : communications_applications
    • EPSS Score: %2.47
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-1829

    Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.7, 11.1.1.9, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unknown vectors related to Web Listener.... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %1.12
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2015-7698

    icewind1991 SMB before 1.0.3 allows remote authenticated users to execute arbitrary SMB commands via shell metacharacters in the user argument in the (1) listShares function in Server.php or the (2) connect or (3) read function in Share.php.... Read more

    Affected Products : owncloud smb
    • EPSS Score: %0.91
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-7299

    SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in K2 blackpearl, smartforms, and K2 for SharePoint 4.6.7 allows remote attackers to execute arbitrary SQL commands via the xml parameter.... Read more

    • EPSS Score: %0.55
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-5954

    The virtual filesystem in ownCloud Server before 6.0.9, 7.0.x before 7.0.7, and 8.0.x before 8.0.5 does not consider that NULL is a valid getPath return value, which allows remote authenticated users to bypass intended access restrictions and gain access ... Read more

    Affected Products : owncloud owncloud_server
    • EPSS Score: %0.14
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2015-4718

    The external SMB storage driver in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x before 8.0.4 allows remote authenticated users to execute arbitrary SMB commands via a ; (semicolon) character in a file.... Read more

    Affected Products : owncloud owncloud_server
    • EPSS Score: %0.99
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-4717

    The filename sanitization component in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x before 8.0.4 does not properly handle $_GET parameters cast by PHP to an array, which allows remote attackers to cause a denial of service (infinite loop an... Read more

    Affected Products : owncloud owncloud_server
    • EPSS Score: %0.69
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-4716

    Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8.0.4, when running on Windows, allows remote attackers to reinstall the application or execute arbitrary code via unspecified vectors.... Read more

    Affected Products : owncloud windows owncloud_server
    • EPSS Score: %23.32
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 5.8

    MEDIUM
    CVE-2015-7823

    Open redirect vulnerability in CMSPages/GetDocLink.ashx in Kentico CMS 8.2 through 8.2.41 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the link parameter.... Read more

    Affected Products : kentico kentico_cms
    • EPSS Score: %13.29
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-7822

    Multiple cross-site scripting (XSS) vulnerabilities in Kentico CMS 8.2 allow remote attackers to inject arbitrary web script or HTML via a (1) parameter name to CMSModules/AdminControls/Pages/UIPage.aspx or the (2) CMSBodyClass cookie variable to the defa... Read more

    Affected Products : kentico kentico_cms
    • EPSS Score: %0.32
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-5953

    Cross-site scripting (XSS) vulnerability in the activity application in ownCloud Server before 7.0.5 and 8.0.x before 8.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a " (double quote) character in a filename in a shared... Read more

    Affected Products : owncloud owncloud_server
    • EPSS Score: %0.18
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-7876

    The escapeLike function in sqlsrv/database.inc in the Drupal 7 driver for SQL Server and SQL Azure 7.x-1.x before 7.x-1.4 does not properly escape certain characters, which allows remote attackers to execute arbitrary SQL commands via vectors involving a ... Read more

    • EPSS Score: %0.56
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-7863

    The default configuration of Persistent Accelerite Radia Client Automation (formerly HP Client Automation) 7.9 through 9.1 before 2015-02-19 enables a remote Notify capability without the Extended Notify Security features, which might allow remote attacke... Read more

    Affected Products : radia_client_automation
    • EPSS Score: %0.23
    • Published: Oct. 19, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291737 Results