Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2015-6909

    Cross-site scripting (XSS) vulnerability in the "Create download task via file upload" feature in Synology Download Station before 3.5-2962 allows remote attackers to inject arbitrary web script or HTML via the name element in the Info dictionary in a tor... Read more

    Affected Products : download_station
    • EPSS Score: %0.46
    • Published: Sep. 11, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-6908

    The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.... Read more

    Affected Products : mac_os_x openldap
    • EPSS Score: %73.04
    • Published: Sep. 11, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6675

    Siemens RUGGEDCOM ROS 3.8.0 through 4.1.x permanently enables the IP forwarding feature, which allows remote attackers to bypass a VLAN isolation protection mechanism via IP traffic.... Read more

    Affected Products : ruggedcom_rugged_operating_system
    • EPSS Score: %0.14
    • Published: Sep. 11, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6466

    Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified fi... Read more

    • EPSS Score: %1.70
    • Published: Sep. 11, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-6465

    The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service (reboot) via a crafted URL.... Read more

    • EPSS Score: %1.82
    • Published: Sep. 11, 2015
    • Modified: Apr. 12, 2025

  • 8.5

    HIGH
    CVE-2015-6464

    The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to bypass a read-only protection mechanism by using Firefox with a web-developer plugin.... Read more

    • EPSS Score: %0.23
    • Published: Sep. 11, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-5631

    Cross-site request forgery (CSRF) vulnerability in the Remote UI on Canon PIXMA MG7500 printers allows remote attackers to hijack the authentication of administrators.... Read more

    • EPSS Score: %0.13
    • Published: Sep. 11, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-3964

    SMA Solar Sunny WebBox has hardcoded passwords, which makes it easier for remote attackers to obtain access via unspecified vectors.... Read more

    Affected Products : webbox_firmware
    • EPSS Score: %0.91
    • Published: Sep. 11, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-9208

    Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8.0.1 allow remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %19.99
    • Published: Sep. 11, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-6827

    Cross-site request forgery (CSRF) vulnerability in Auto-Exchanger 5.1.0 allows remote attackers to hijack the authentication of users for requests that change a password via a request to signup.php.... Read more

    Affected Products : auto-exchanger
    • EPSS Score: %0.22
    • Published: Sep. 11, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6584

    Cross-site scripting (XSS) vulnerability in the DataTables plugin 1.10.8 and earlier for jQuery allows remote attackers to inject arbitrary web script or HTML via the scripts parameter to media/unit_testing/templates/6776.php.... Read more

    Affected Products : datatables
    • EPSS Score: %0.26
    • Published: Sep. 11, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-6681

    Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6680.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %2.56
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-6680

    Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6681.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %9.40
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 8.2

    HIGH
    CVE-2015-2546

    The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted ... Read more

    • Actively Exploited
    • EPSS Score: %39.09
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2545

    Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."... Read more

    Affected Products : office
    • Actively Exploited
    • EPSS Score: %93.25
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-2544

    Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka "Exchange Spoofing Vu... Read more

    Affected Products : exchange_server
    • EPSS Score: %8.12
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-2543

    Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka "Exchange Spoofing Vulnerabil... Read more

    Affected Products : exchange_server
    • EPSS Score: %8.12
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2542

    Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."... Read more

    Affected Products : edge internet_explorer
    • EPSS Score: %14.83
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2541

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2485 and CVE... Read more

    Affected Products : internet_explorer
    • EPSS Score: %14.83
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-2536

    Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Skype for Business Server and Lync Server XSS Elevation of Pri... Read more

    • EPSS Score: %10.44
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291712 Results