Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter it by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort it by published date, last-updated date, or CVSS score.
  • 3.5

    LOW
    CVE-2015-1888

    Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.2 before 2.0.2-ICN-FP007 and 2.0.3 before 2.0.3-ICN-FP003, as used in Content Manager, FileNet Content Manager, Content Foundation, Content Manager OnDemand, and other products, allows ...

    Affected Products: content_navigator
    • EPSS Score: 0.17%
    • Published: Oct. 03, 2015
    • Modified: Apr. 12, 2025
  • 4.3

    MEDIUM
    CVE-2015-0195

    Cross-site scripting (XSS) vulnerability in IBM Content Template Catalog 4.x before 4.1.4 for WebSphere Portal 8.0.x and 4.x before 4.3.1 for WebSphere Portal 8.5.x allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

    • EPSS Score: 0.24%
    • Published: Oct. 03, 2015
    • Modified: Apr. 12, 2025
  • 6.8

    MEDIUM
    CVE-2015-0145

    Cross-site request forgery (CSRF) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that ...

    Affected Products: openpages_grc_platform
    • EPSS Score: 0.10%
    • Published: Oct. 03, 2015
    • Modified: Apr. 12, 2025
  • 3.5

    LOW
    CVE-2015-0144

    Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vul...

    Affected Products: openpages_grc_platform
    • EPSS Score: 0.17%
    • Published: Oct. 03, 2015
    • Modified: Apr. 12, 2025
  • 4.0

    MEDIUM
    CVE-2015-0143

    IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to obtain sensitive information by reading error messages.

    Affected Products: openpages_grc_platform
    • EPSS Score: 0.16%
    • Published: Oct. 03, 2015
    • Modified: Apr. 12, 2025
  • 4.0

    MEDIUM
    CVE-2015-0142

    IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to cause a denial of service (maintenance-mode transition and data-storage outage) by calling the System Administrati...

    Affected Products: openpages_grc_platform
    • EPSS Score: 0.36%
    • Published: Oct. 03, 2015
    • Modified: Apr. 12, 2025
  • 4.0

    MEDIUM
    CVE-2015-0141

    IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to modify arbitrary user filters via a JSON request.

    Affected Products: openpages_grc_platform
    • EPSS Score: 0.20%
    • Published: Oct. 03, 2015
    • Modified: Apr. 12, 2025
  • 3.5

    LOW
    CVE-2014-8916

    Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vul...

    Affected Products: openpages_grc_platform
    • EPSS Score: 0.17%
    • Published: Oct. 03, 2015
    • Modified: Apr. 12, 2025
  • 6.8

    MEDIUM
    CVE-2015-6309

    Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows remote authenticated users to cause a denial of service (file-descriptor consumption and device reload) via crafted HTTP requests, aka Bug ID CSCuw32211.

    • EPSS Score: 0.31%
    • Published: Oct. 02, 2015
    • Modified: Apr. 12, 2025
  • 4.0

    MEDIUM
    CVE-2015-6308

    Cisco NX-OS 6.0(2)U6(0.46) on N3K devices allows remote authenticated users to cause a denial of service (temporary SNMP outage) via an SNMP request for an OID that does not exist, aka Bug ID CSCuw36684.

    Affected Products: nx-os nx-os
    • EPSS Score: 0.39%
    • Published: Oct. 02, 2015
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2015-5653

    Buffer overflow in Canary Labs Trend Web Server before 9.5.2 allows remote attackers to execute arbitrary code via a crafted TCP packet.

    Affected Products: trendweb
    • EPSS Score: 1.34%
    • Published: Oct. 02, 2015
    • Modified: Apr. 12, 2025
  • 9.3

    HIGH
    CVE-2015-6602

    libutils in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file, as demonstrated by an attack against use of libutils by libstagefright in Android 5.x.

    Affected Products: android
    • EPSS Score: 1.77%
    • Published: Oct. 02, 2015
    • Modified: Apr. 12, 2025
  • 7.8

    HIGH
    CVE-2015-4546

    Directory traversal vulnerability in EMC RSA OneStep 6.9 before build 559, as used in RSA Certificate Manager and RSA Registration Manager through 6.9 build 558 and other products, allows remote attackers to read arbitrary files via a crafted KCSOSC_ERROR...

    Affected Products: rsa_certificate_manager rsa_onestep
    • EPSS Score: 3.40%
    • Published: Oct. 02, 2015
    • Modified: Apr. 12, 2025
  • 9.3

    HIGH
    CVE-2015-3876

    libstagefright in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file.

    Affected Products: android
    • EPSS Score: 4.56%
    • Published: Oct. 02, 2015
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2015-2858

    Datalex airline booking software before 2015-09-03 allows remote attackers to read or write to arbitrary user data via a modified profileId parameter to (1) ValidateFormAction.do or (2) ProfileConfirmEditAddressAction.do.

    Affected Products: airline_booking_software
    • EPSS Score: 0.27%
    • Published: Oct. 02, 2015
    • Modified: Apr. 12, 2025
  • 6.8

    MEDIUM
    CVE-2015-7612

    Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations page in Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that have...

    Affected Products: vulnerability_manager
    • EPSS Score: 0.12%
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025
  • 3.6

    LOW
    CVE-2015-7311

    libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image.

    Affected Products: xen
    • EPSS Score: 0.07%
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025
  • 7.5

    HIGH
    CVE-2015-7236

    Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.

    • EPSS Score: 8.21%
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025
  • 7.2

    HIGH
    CVE-2015-1338

    kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.

    Affected Products: ubuntu_linux apport
    • EPSS Score: 0.38%
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025
  • 7.2

    HIGH
    CVE-2015-1335

    lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.

    Affected Products: ubuntu_linux lxc
    • EPSS Score: 0.08%
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291647 Results