Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2015-4318

    Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid variables in a GET request, aka Bug ID CSCuv40528.... Read more

    • EPSS Score: %0.54
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-4536

    EMC Documentum Content Server before 7.0 P20, 7.1 before P18, and 7.2 before P02, when RPC tracing is configured, stores certain obfuscated password data in a log file, which allows remote authenticated users to obtain sensitive information by reading thi... Read more

    Affected Products : documentum_content_server
    • EPSS Score: %0.20
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-4535

    Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02, when __debug_trace__ is configured, allows remote authenticated users to gain super-user privileges by leve... Read more

    Affected Products : documentum_content_server
    • EPSS Score: %0.47
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2015-4534

    Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 allows remote authenticated users to execute arbitrary code by forging a signature for a query string that l... Read more

    Affected Products : documentum_content_server
    • EPSS Score: %1.24
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2015-4533

    EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 does not properly check authorization after creation of an object, which allows remote authenticated users to execute arbitrary code wit... Read more

    Affected Products : documentum_content_server
    • EPSS Score: %2.44
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2015-4532

    EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 does not properly check authorization and does not properly restrict object types, which allows remote authenticated users to run save R... Read more

    Affected Products : documentum_content_server
    • EPSS Score: %1.18
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2015-4531

    EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 does not properly check authorization for subgroups of privileged groups, which allows remote authenticated sysadmins to gain super-user... Read more

    Affected Products : documentum_content_server
    • EPSS Score: %0.22
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-4530

    Cross-site request forgery (CSRF) vulnerability in EMC Documentum WebTop before 6.8P01, Documentum Administrator through 7.2, Documentum Digital Assets Manager through 6.5SP6, Documentum Web Publishers through 6.5SP7, and Documentum Task Space through 6.7... Read more

    • EPSS Score: %0.12
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2015-4329

    The administrator web interface in Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, aka Bug ID CSCuv11796.... Read more

    • EPSS Score: %0.46
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-4321

    The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(1.50), 9.3(2.100), 9.3(3), and 9.4(1) mishandles cases where an IP address belongs to an internal interface but is also in the ASA routing ta... Read more

    • EPSS Score: %0.21
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-4319

    The password-change feature in the administrative web interface in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 improperly performs authorization, which allows remote authenticated users to reset arbitrary active-user passwords vi... Read more

    • EPSS Score: %0.60
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-4316

    The Mobile and Remote Access (MRA) endpoint-validation feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly validates the phone line used for registration, which allows remote authenticated users to conduct impersona... Read more

    • EPSS Score: %0.46
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2015-4303

    Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary commands in the context of the nobody user account via an unspecified web-page parameter, aka Bug ID CSCuv12333.... Read more

    • EPSS Score: %0.57
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-0542

    Multiple cross-site request forgery (CSRF) vulnerabilities in EMC RSA Archer GRC 5.5 SP1 before P3 allow remote attackers to hijack the authentication of arbitrary users.... Read more

    Affected Products : rsa_archer_egrc
    • EPSS Score: %0.13
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2015-0537

    Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) before 4.0.4 and 4.1, and RSA BSAFE SSL-C 2.8.9 and earlier allows... Read more

    Affected Products : bsafe bsafe_crypto-c bsafe_ssl-c
    • EPSS Score: %2.28
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-0536

    EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allow remote attackers to cause a denial of servic... Read more

    Affected Products : bsafe bsafe_ssl-c
    • EPSS Score: %1.03
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-0535

    EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier do not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPOR... Read more

    Affected Products : bsafe bsafe_ssl-c
    • EPSS Score: %0.44
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-0534

    EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2, RSA BSAFE SSL-J before 6.2, and RSA BSAFE SSL-C 2.8.9 and earlier do not enforce certain constraints on certificate data, which allows remote... Read more

    Affected Products : bsafe bsafe_ssl-j bsafe_ssl-c
    • EPSS Score: %0.95
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-0533

    EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier allow remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExch... Read more

    Affected Products : bsafe bsafe_ssl-c
    • EPSS Score: %0.31
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-4328

    Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly checks for a user account's read-only attribute, which allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, as demonstrated by read o... Read more

    • EPSS Score: %0.24
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291513 Results