Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2015-5736

    The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.... Read more

    Affected Products : forticlient
    • EPSS Score: %2.48
    • Published: Sep. 03, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-5735

    The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to write to arbitrary memory locations via a 0x226108 ioctl call.... Read more

    Affected Products : forticlient
    • EPSS Score: %0.06
    • Published: Sep. 03, 2015
    • Modified: Apr. 12, 2025

  • 8.5

    HIGH
    CVE-2015-5190

    The pcsd web UI in PCS 0.9.139 and earlier allows remote authenticated users to execute arbitrary commands via "escape characters" in a URL.... Read more

    • EPSS Score: %0.63
    • Published: Sep. 03, 2015
    • Modified: Apr. 12, 2025

  • 4.9

    MEDIUM
    CVE-2015-5189

    Race condition in pcsd in PCS 0.9.139 and earlier uses a global variable to validate usernames, which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated.... Read more

    • EPSS Score: %0.13
    • Published: Sep. 03, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-4077

    The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call.... Read more

    Affected Products : forticlient
    • EPSS Score: %0.56
    • Published: Sep. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2015-6277

    The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MD... Read more

    • EPSS Score: %0.40
    • Published: Sep. 02, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-6274

    The IPv4 implementation on Cisco ASR 1000 devices with software 15.5(3)S allows remote attackers to cause a denial of service (ESP QFP CPU consumption) by triggering packet fragmentation and reassembly, aka Bug ID CSCuv71273.... Read more

    Affected Products : asr_1000_series_software asr_1000
    • EPSS Score: %0.47
    • Published: Sep. 02, 2015
    • Modified: Apr. 12, 2025

  • 6.9

    MEDIUM
    CVE-2015-4330

    A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556.... Read more

    • EPSS Score: %0.15
    • Published: Sep. 02, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-6805

    Cross-site scripting (XSS) vulnerability in the MDC Private Message plugin 1.0.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the message field in a private message.... Read more

    Affected Products : mdc_private_message
    • EPSS Score: %0.24
    • Published: Sep. 02, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-3308

    Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.... Read more

    Affected Products : ubuntu_linux gnutls
    • EPSS Score: %1.39
    • Published: Sep. 02, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-6587

    The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC.... Read more

    Affected Products : debian_linux openafs
    • EPSS Score: %0.62
    • Published: Sep. 02, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6737

    Cross-site scripting (XSS) vulnerability in the Widgets extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via vectors involving base64 encoded content.... Read more

    Affected Products : widgets
    • EPSS Score: %0.41
    • Published: Sep. 01, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-6736

    The Quiz extension for MediaWiki allows remote attackers to cause a denial of service via regex metacharacters in a regular expression.... Read more

    Affected Products : quiz
    • EPSS Score: %1.61
    • Published: Sep. 01, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-6735

    The reset functionality in the TimedMediaHandler extension for MediaWiki does not create a new transcode, which allows remote attackers to cause a denial of service (transcode deletion) by resetting a transcode.... Read more

    Affected Products : timedmediahandler
    • EPSS Score: %1.61
    • Published: Sep. 01, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6734

    Cross-site scripting (XSS) vulnerability in contrib/cssgen.php in the GeSHi, as used in the SyntaxHighlight_GeSHi extension and MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2, allows remote attackers to inject arbitrary web scrip... Read more

    Affected Products : mediawiki
    • EPSS Score: %0.41
    • Published: Sep. 01, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-6733

    GeSHi, as used in the SyntaxHighlight_GeSHi extension and MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2, allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors.... Read more

    Affected Products : mediawiki
    • EPSS Score: %1.61
    • Published: Sep. 01, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6732

    Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via the (1) wpSummary parameter to Special:FormEdit, the (2) "Template label (optional)" field i... Read more

    Affected Products : semanticforms
    • EPSS Score: %0.65
    • Published: Sep. 01, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6731

    Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via a (1) section_*, (2) template_*, (3) label_*, or (4) new_template parameter to Special:Creat... Read more

    Affected Products : semanticforms
    • EPSS Score: %0.48
    • Published: Sep. 01, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6730

    Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter, which is not properly handled in an error... Read more

    Affected Products : mediawiki
    • EPSS Score: %0.41
    • Published: Sep. 01, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6729

    Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the rel404 parameter, which is not properly handled in an ... Read more

    Affected Products : mediawiki
    • EPSS Score: %0.41
    • Published: Sep. 01, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291728 Results