Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2015-4327

    The CLI in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to obtain root privileges by writing script arguments to an unspecified file, aka Bug ID CSCuv12542.... Read more

    • EPSS Score: %0.12
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-4320

    The Configuration Log File component in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to obtain sensitive information by reading a log file, aka Bug ID CSCuv12340.... Read more

    • EPSS Score: %0.20
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-4317

    Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid variables in an authentication packet, aka Bug ID CSCuv40469.... Read more

    • EPSS Score: %0.83
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-4315

    The Call Policy Configuration page in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.3 improperly validates external DTDs, which allows remote authenticated users to read arbitrary files or cause a denial of service via a crafted XML ... Read more

    • EPSS Score: %0.46
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-4314

    The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 allows remote authenticated users to obtain sensitive password-hash information by reading the snapshot file, aka Bug ID CSCuv40422.... Read more

    • EPSS Score: %0.18
    • Published: Aug. 20, 2015
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2015-4323

    Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 devices 6.0(2)U5(1.41), 7.0(3)I2(0.373), and 7.3(0)ZN(0.83); Nexus 4000 devices 4.1(2)E1(1b); Nexus 7000 devices 6.2(14)S1; Nexus 9000 devices 7.3(0)ZN(0.9)... Read more

    • EPSS Score: %0.81
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-4310

    Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse 10.5(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug IDs CSCuq82322, CSCut95853, and CSCuq73975.... Read more

    Affected Products : finesse
    • EPSS Score: %0.47
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-4296

    Nexus Data Broker (NDB) on Cisco Nexus 3000 devices with software 6.0(2)A6(1) allows remote attackers to cause a denial of service (Java process restart) via crafted connections to the Java application, aka Bug ID CSCut87006.... Read more

    • EPSS Score: %0.92
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025

  • 4.9

    MEDIUM
    CVE-2015-4277

    The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumpti... Read more

    • EPSS Score: %0.34
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-6523

    Cross-site request forgery (CSRF) vulnerability in the Portfolio plugin before 1.05 for WordPress allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via a request to the instagram-portfolio pag... Read more

    Affected Products : portfolio
    • EPSS Score: %0.14
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-6522

    SQL injection vulnerability in the WP Symposium plugin before 15.8 for WordPress allows remote attackers to execute arbitrary SQL commands via the size parameter to get_album_item.php.... Read more

    Affected Products : wp_symposium
    • EPSS Score: %78.20
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6255

    Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-Mail Interaction Manager 9.0(2) allows remote attackers to inject arbitrary web script or HTML via a crafted chat message, aka Bug ID CSCuo89051.... Read more

    • EPSS Score: %0.45
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-5621

    The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash) and possibl... Read more

    • EPSS Score: %19.58
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-5163

    The import task action in OpenStack Image Service (Glance) 2015.1.x before 2015.1.2 (kilo), when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image.... Read more

    Affected Products : glance glance
    • EPSS Score: %0.24
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2015-4324

    Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to... Read more

    • EPSS Score: %0.83
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-4322

    Cisco Content Security Management Appliance (SMA) 8.3.6-039, 9.1.0-31, and 9.1.0-103 improperly restricts the privileges available after LDAP authentication, which allows remote authenticated users to read or write to an arbitrary user's Spam Quarantine f... Read more

    • EPSS Score: %0.17
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-4308

    The webGUI configuration-export feature in Cisco Edge Bluebird Operating System 1.2 on Edge 340 devices allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuu43968.... Read more

    Affected Products : edge_bluebird_operating_system
    • EPSS Score: %0.25
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-4301

    Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225.... Read more

    • EPSS Score: %0.82
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-4299

    Cisco Unified Web and E-Mail Interaction Manager 9.0(2) improperly performs authorization, which allows remote authenticated users to remove default messaging-queue system folders via unspecified vectors, aka Bug ID CSCuo89046.... Read more

    • EPSS Score: %0.55
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2015-4298

    Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, aka Bug ID CSCuo89056.... Read more

    • EPSS Score: %0.55
    • Published: Aug. 19, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291513 Results