Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.9

    MEDIUM
    CVE-2014-9729

    The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.04
    • Published: Aug. 31, 2015
    • Modified: Apr. 12, 2025

  • 4.9

    MEDIUM
    CVE-2014-9728

    The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and ... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.04
    • Published: Aug. 31, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-5698

    Cross-site request forgery (CSRF) vulnerability in the web server on Siemens SIMATIC S7-1200 CPU devices with firmware before 4.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.... Read more

    • EPSS Score: %9.94
    • Published: Aug. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-4555

    Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Network Server before 1.1.1, Substation ES before 2.9.0, and Messaging Appliance before 8.7.2 allows remote attackers to cause a denial of service or possibl... Read more

    • EPSS Score: %1.08
    • Published: Aug. 30, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-3966

    The IPsec SA establishment process on Innominate mGuard devices with firmware 8.x before 8.1.7 allows remote authenticated users to cause a denial of service (VPN service restart) by leveraging a peer relationship to send a crafted configuration with comp... Read more

    Affected Products : mguard_firmware
    • EPSS Score: %0.33
    • Published: Aug. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-4498

    The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary h... Read more

    Affected Products : firefox firefox_esr
    • EPSS Score: %0.58
    • Published: Aug. 29, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-4497

    Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and ... Read more

    Affected Products : firefox firefox_esr
    • EPSS Score: %3.04
    • Published: Aug. 29, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-6273

    Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Reassembly (VFR) by certain firewall and NAT components, which allows remote attackers to cause a denial of service (Embedded Services Processor crash) via c... Read more

    • EPSS Score: %0.43
    • Published: Aug. 29, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-6268

    Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted IPv4 UDP packet, aka Bug ID CSCsw95482.... Read more

    • EPSS Score: %0.43
    • Published: Aug. 29, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-6267

    Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted L2TP packet, aka Bug IDs CSCsw95722 and CSCsw95496.... Read more

    • EPSS Score: %0.43
    • Published: Aug. 29, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-1171

    Stack-based buffer overflow in GSM SIM Utility (aka SIM Card Editor) 6.6 allows remote attackers to execute arbitrary code via a long entry in a .sms file.... Read more

    Affected Products : sim_card_editor
    • EPSS Score: %76.87
    • Published: Aug. 28, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-9651

    Buffer overflow in CHICKEN 4.9.0.x before 4.9.0.2, 4.9.x before 4.9.1, and before 5.0 allows attackers to have unspecified impact via a positive START argument to the "substring-index[-ci] procedures."... Read more

    Affected Products : chicken
    • EPSS Score: %0.43
    • Published: Aug. 28, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-6266

    The guest portal in Cisco Identity Services Engine (ISE) 3300 1.2(0.899) does not restrict access to uploaded HTML documents, which allows remote attackers to obtain sensitive information from customized documents via a direct request, aka Bug ID CSCuo780... Read more

    Affected Products : identity_services_engine_software
    • EPSS Score: %0.23
    • Published: Aug. 28, 2015
    • Modified: Apr. 12, 2025

  • 2.6

    LOW
    CVE-2015-2987

    Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.... Read more

    Affected Products : ed
    • EPSS Score: %0.23
    • Published: Aug. 28, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-5368

    The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows remote attackers to modify data or cause a denial of service, or execute arbitrary co... Read more

    • EPSS Score: %2.82
    • Published: Aug. 27, 2015
    • Modified: Apr. 12, 2025

  • 6.9

    MEDIUM
    CVE-2015-5367

    The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows local users to gain privileges via unspecified vectors.... Read more

    • EPSS Score: %0.06
    • Published: Aug. 27, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6265

    The CLI in Cisco Application Control Engine (ACE) 4700 A5 3.0 and earlier allows local users to bypass intended access restrictions, and read or write to files, by entering an unspecified CLI command with a crafted file as this command's input, aka Bug ID... Read more

    Affected Products : application_control_engine_4700
    • EPSS Score: %0.28
    • Published: Aug. 27, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-5433

    HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors.... Read more

    • EPSS Score: %0.21
    • Published: Aug. 27, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-5432

    HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors.... Read more

    • EPSS Score: %1.01
    • Published: Aug. 27, 2015
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2015-5431

    HP Matrix Operating Environment before 7.5.0 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.... Read more

    Affected Products : matrix_operating_environment
    • EPSS Score: %0.23
    • Published: Aug. 27, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291541 Results