Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2015-2553

    The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles junctions during mountpoint creation, which makes it ... Read more

    • EPSS Score: %11.33
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-2552

    The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows physically proximate attackers to bypass the Trusted Boot protection mechanism, and consequently interfere with the integrity o... Read more

    • EPSS Score: %1.46
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-2550

    The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application,... Read more

    • EPSS Score: %2.96
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-2549

    The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application,... Read more

    • EPSS Score: %2.05
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2548

    Use-after-free vulnerability in the Tablet Input Band in Windows Shell in Microsoft Windows Vista SP2 and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Tablet Input Band Use After Free Vulnerability... Read more

    Affected Products : windows_7 windows_vista
    • EPSS Score: %59.52
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2515

    Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to ex... Read more

    • EPSS Score: %48.45
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2482

    The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted repla... Read more

    Affected Products : internet_explorer vbscript jscript
    • EPSS Score: %64.10
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-6332

    Cisco Prime Infrastructure 2.2 allows remote attackers to cause a denial of service (daemon hang) by sending many SSL renegotiation requests, aka Bug ID CSCuv56830.... Read more

    Affected Products : prime_infrastructure
    • EPSS Score: %0.46
    • Published: Oct. 13, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-6328

    The web framework in Cisco Prime Collaboration Assurance (PCA) 10.5(1) allows remote authenticated users to bypass intended access restrictions and read arbitrary files via a crafted URL, aka Bug ID CSCus88380.... Read more

    Affected Products : prime_collaboration_assurance
    • EPSS Score: %0.17
    • Published: Oct. 13, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-6315

    Cisco Aironet 1850 access points with software 8.1(112.4) allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694.... Read more

    • EPSS Score: %0.09
    • Published: Oct. 13, 2015
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2015-6331

    SQL injection vulnerability in the web framework in Cisco Prime Collaboration Assurance 10.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCus39887.... Read more

    Affected Products : prime_collaboration_assurance
    • EPSS Score: %0.29
    • Published: Oct. 12, 2015
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2015-6329

    SQL injection vulnerability in Cisco Prime Collaboration Provisioning 10.6 and 11.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCut64074.... Read more

    Affected Products : prime_collaboration_provisioning
    • EPSS Score: %0.30
    • Published: Oct. 12, 2015
    • Modified: Apr. 12, 2025

  • 6.6

    MEDIUM
    CVE-2015-6322

    The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.1(8) allows local users to bypass intended access restrictions and move arbitrary files by leveraging the lack of source-path validation, aka Bug ID CSCuv48563.... Read more

    Affected Products : anyconnect_secure_mobility_client
    • EPSS Score: %0.09
    • Published: Oct. 12, 2015
    • Modified: Apr. 12, 2025

  • 6.9

    MEDIUM
    CVE-2015-6318

    Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 and X8.5.2 allows local users to write to arbitrary files via an unspecified symlink attack, aka Bug ID CSCuv11969.... Read more

    • EPSS Score: %0.09
    • Published: Oct. 12, 2015
    • Modified: Apr. 12, 2025

  • 8.5

    HIGH
    CVE-2015-5647

    The RSS Reader component in Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute arbitrary PHP code via unspecified vectors, aka CyVDB-866.... Read more

    Affected Products : garoon
    • EPSS Score: %0.66
    • Published: Oct. 12, 2015
    • Modified: Apr. 12, 2025

  • 8.5

    HIGH
    CVE-2015-5646

    Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute arbitrary PHP code via unspecified vectors, aka CyVDB-863 and CyVDB-867.... Read more

    Affected Products : garoon
    • EPSS Score: %0.73
    • Published: Oct. 12, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-5443

    HP 3PAR Service Processor SP 4.2.0.GA-29 (GA) SPOCC, SP 4.3.0.GA-17 (GA) SPOCC, and SP 4.3.0-GA-24 (MU1) SPOCC allows remote authenticated users to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : 3par_service_processor_sp
    • EPSS Score: %0.21
    • Published: Oct. 12, 2015
    • Modified: Apr. 12, 2025

  • 6.9

    MEDIUM
    CVE-2015-4325

    The process-management implementation in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges by terminating a firestarter.py supervised process and then triggering the restart of a process by the roo... Read more

    • EPSS Score: %0.09
    • Published: Oct. 12, 2015
    • Modified: Apr. 12, 2025

  • 4.9

    MEDIUM
    CVE-2015-4265

    Cisco Unified Computing System (UCS) B Blade Server Software 2.2.x before 2.2.6 allows local users to cause a denial of service (host OS or BMC hang) by sending crafted packets over the Inter-IC (I2C) bus, aka Bug ID CSCuq77241.... Read more

    • EPSS Score: %0.06
    • Published: Oct. 12, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-2342

    The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not restrict registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol.... Read more

    Affected Products : vcenter_server
    • EPSS Score: %92.03
    • Published: Oct. 12, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291712 Results