Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2015-7727

    Multiple SQL injection vulnerabilities in the Web-based Development Workbench in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors in the (1) trace configuration page or... Read more

    Affected Products : hana
    • EPSS Score: %0.60
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-7726

    Cross-site scripting (XSS) vulnerability in role deletion in the Web-based Development Workbench in SAP HANA DB 1.00.091.00.1418659308 allows remote authenticated users to inject arbitrary web script or HTML via the role name, aka SAP Security Note 215389... Read more

    Affected Products : hana
    • EPSS Score: %0.18
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2015-7725

    Multiple SQL injection vulnerabilities in the Web-based Development Workbench in SAP HANA DB 1.00.091.00.1418659308 allow remote authenticated users to execute arbitrary SQL commands via the (1) remoteSourceName in the dropCredentials function or unspecif... Read more

    Affected Products : hana
    • EPSS Score: %1.01
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-7361

    FortiOS 5.2.3, when configured to use High Availability (HA) and the dedicated management interface is enabled, does not require authentication for access to the ZebOS shell on the HA dedicated management interface, which allows remote attackers to obtain... Read more

    Affected Products : fortios
    • EPSS Score: %0.74
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-6507

    The hdbsql client 1.00.091.00 Build 1418659308-1530 in SAP HANA allows local users to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors, aka SAP Security Note 2140700.... Read more

    Affected Products : hana
    • EPSS Score: %0.06
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-7834

    Multiple unspecified vulnerabilities in Google V8 before 4.6.85.23, as used in Google Chrome before 46.0.2490.71, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.... Read more

    Affected Products : chrome v8
    • EPSS Score: %0.19
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-7645

    Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015.... Read more

    • Actively Exploited
    • EPSS Score: %84.84
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-6763

    Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.... Read more

    Affected Products : chrome
    • EPSS Score: %10.17
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-6762

    The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets (CSS) implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin request algorithm when a font's URL a... Read more

    Affected Products : chrome
    • EPSS Score: %0.70
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-6761

    The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a ... Read more

    Affected Products : chrome ffmpeg
    • EPSS Score: %1.46
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-6760

    The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial of service (invalid read or write)... Read more

    Affected Products : chrome
    • EPSS Score: %1.03
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-6759

    The shouldTreatAsUniqueOrigin function in platform/weborigin/SecurityOrigin.cpp in Blink, as used in Google Chrome before 46.0.2490.71, does not ensure that the origin of a LocalStorage resource is considered unique, which allows remote attackers to obtai... Read more

    Affected Products : chrome
    • EPSS Score: %0.80
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-6758

    The CPDF_Document::GetPage function in fpdfapi/fpdf_parser/fpdf_parser_document.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, does not properly perform a cast of a dictionary object, which allows remote attackers to cause a denial of servic... Read more

    Affected Products : chrome
    • EPSS Score: %0.96
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-6757

    Use-after-free vulnerability in content/browser/service_worker/embedded_worker_instance.cc in the ServiceWorker implementation in Google Chrome before 46.0.2490.71 allows remote attackers to cause a denial of service or possibly have unspecified other imp... Read more

    Affected Products : chrome
    • EPSS Score: %1.58
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-6756

    Use-after-free vulnerability in the CPDFSDK_PageView implementation in fpdfsdk/src/fsdk_mgr.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspeci... Read more

    Affected Products : chrome
    • EPSS Score: %0.96
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-6755

    The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remo... Read more

    Affected Products : chrome
    • EPSS Score: %1.04
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-7829

    Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows mishandle junctions in the Synchronizer direct... Read more

    • EPSS Score: %0.40
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-7644

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.... Read more

    • EPSS Score: %8.65
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-7643

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.... Read more

    • EPSS Score: %5.68
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-7634

    Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute a... Read more

    • EPSS Score: %11.15
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291750 Results