Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.8

    MEDIUM
    CVE-2015-5637

    The Newphoria Photon application before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.... Read more

    Affected Products : 1.1
    • EPSS Score: %0.40
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-5636

    The Newphoria Reversi application before 1.0.3 for Android and before 1.2 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.... Read more

    Affected Products : reversi
    • EPSS Score: %0.40
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-5635

    The Newphoria Koritore application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.... Read more

    Affected Products : koritore
    • EPSS Score: %0.40
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-5634

    The Newphoria MEGAPHONE MUSIC application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.... Read more

    Affected Products : megaphone_music
    • EPSS Score: %0.40
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-5633

    The Newphoria Auction Camera application for iOS and before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.... Read more

    Affected Products : auction_camera
    • EPSS Score: %0.40
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-5632

    The runtime engine in the Newphoria applican framework before 1.12.3 for Android and before 1.12.2 for iOS allows attackers to bypass a whitelist.xml URL whitelist protection mechanism and obtain API access via unspecified vectors.... Read more

    Affected Products : applican
    • EPSS Score: %0.40
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-6301

    The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun72171.... Read more

    • EPSS Score: %0.57
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-6300

    Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) allows remote authenticated users to cause a denial of service (SSH screen process crash) via crafted (1) CLI or (2) GUI commands, aka Bug ID CSCuw24694.... Read more

    • EPSS Score: %0.39
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2015-6299

    SQL injection vulnerability in the web interface in Cisco Unity Connection 9.1(1.2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted POST request, aka Bug ID CSCuv63824.... Read more

    Affected Products : unity_connection
    • EPSS Score: %0.29
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 4.8

    MEDIUM
    CVE-2015-6295

    Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN numb... Read more

    • EPSS Score: %0.65
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-6284

    Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service ... Read more

    • EPSS Score: %0.45
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-5638

    Directory traversal vulnerability in H2O before 1.4.5 and 1.5.x before 1.5.0-beta2, when the file.dir directive is enabled, allows remote attackers to read arbitrary files via a crafted URL.... Read more

    Affected Products : h2o h20
    • EPSS Score: %0.24
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2015-4307

    The web framework in Cisco Prime Collaboration Provisioning before 11.0 allows remote authenticated users to bypass intended access restrictions and create administrative accounts via a crafted URL, aka Bug ID CSCut64111.... Read more

    Affected Products : prime_collaboration_provisioning
    • EPSS Score: %0.36
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 8.5

    HIGH
    CVE-2015-4306

    The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended login-session read restrictions, and impersonate administrators of arbitrary tenant domains, by discovering a session ident... Read more

    Affected Products : prime_collaboration_assurance
    • EPSS Score: %0.37
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-4305

    The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended system-database read restrictions, and discover credentials or SNMP communities for arbitrary tenant domains, via a crafted... Read more

    Affected Products : prime_collaboration_assurance
    • EPSS Score: %0.17
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2015-4304

    The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended access restrictions, and create administrative accounts or read data from arbitrary tenant domains, via a crafted URL, aka ... Read more

    Affected Products : prime_collaboration_assurance
    • EPSS Score: %0.36
    • Published: Sep. 20, 2015
    • Modified: Apr. 12, 2025

  • 5.8

    MEDIUM
    CVE-2015-6932

    VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify X.509 certificates from TLS LDAP servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : vcenter_server
    • EPSS Score: %0.17
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-6460

    Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.34 allow remote attackers to execute arbitrary code via opcode (1) 0x3ef or (2) 0x3f0.... Read more

    Affected Products : codesys_gateway_server
    • EPSS Score: %12.98
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-6459

    Absolute path traversal vulnerability in the download feature in FileDownloadServlet in GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 allows remote attackers to read or delete arbitrary files via a full pathname.... Read more

    Affected Products : mds_pulsenet
    • EPSS Score: %1.85
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2015-6456

    GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 have hardcoded credentials for a support account, which allows remote attackers to obtain administrative access, and consequently execute arbitrary code, by leveraging knowledge of th... Read more

    Affected Products : mds_pulsenet
    • EPSS Score: %2.39
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291647 Results