Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.5

    LOW
    CVE-2014-9739

    Cross-site scripting (XSS) vulnerability in the Node Field module 7.x-2.x before 7.x-2.45 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors involving internal fields.... Read more

    Affected Products : node_field
    • EPSS Score: %0.16
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2014-9738

    Multiple cross-site scripting (XSS) vulnerabilities in the Tournament module 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via an (1) account username, a (2) node title, ... Read more

    Affected Products : tournament
    • EPSS Score: %0.22
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 5.8

    MEDIUM
    CVE-2014-9737

    Open redirect vulnerability in the Language Switcher Dropdown module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a block.... Read more

    Affected Products : language_switcher_dropdown
    • EPSS Score: %0.25
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2014-3653

    Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template.... Read more

    Affected Products : foreman
    • EPSS Score: %0.28
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5371

    The AuthenticationFilter class in SolarWinds Storage Manager allows remote attackers to upload and execute arbitrary scripts via unspecified vectors.... Read more

    Affected Products : storage_manager
    • EPSS Score: %83.03
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-4648

    Stack-based buffer overflow in the Ipropsapi.ipropsapiCtrl.1 ActiveX control in ipropsapivideo in Panasonic Security API (PS-API) ActiveX SDK before 8.10.18 allows remote attackers to execute arbitrary code via a long string to the MulticastAddr method.... Read more

    Affected Products : security_api_activex_sdk
    • EPSS Score: %2.70
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-4647

    Multiple stack-based buffer overflows in Ipropsapi in Panasonic Security API (PS-API) ActiveX SDK before 8.10.18 allow remote attackers to execute arbitrary code via a long string in the (1) FilePassword property or to the (2) GetStringInfo method.... Read more

    Affected Products : security_api_activex_sdk
    • EPSS Score: %3.18
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-4230

    Memory leak in Cisco Headend System Release allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, aka Bug ID CSCus91854.... Read more

    Affected Products : headend_system_release
    • EPSS Score: %0.85
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 7.9

    HIGH
    CVE-2015-4034

    The createFromParcel method in the com.absolute.android.persistence.MethodSpec class in Samsung Galaxy S5s allows remote attackers to execute arbitrary files via a crafted Parcelable object in a serialized MethodSpec object.... Read more

    Affected Products : galaxy_s5
    • EPSS Score: %0.25
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2015-4033

    Samsung SBeam allows remote attackers to read arbitrary images by leveraging an NFC connection to access the HTTP server on port 15000.... Read more

    Affected Products : s-beam
    • EPSS Score: %0.43
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-2126

    Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.05
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-2743

    PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.... Read more

    • EPSS Score: %1.29
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-2742

    Mozilla Firefox before 39.0 on OS X includes native key press information during the logging of crashes, which allows remote attackers to obtain sensitive information by leveraging access to a crash-reporting data stream.... Read more

    Affected Products : firefox macos solaris
    • EPSS Score: %0.56
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-2741

    Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 do not enforce key pinning upon encountering an X.509 certificate problem that generates a user dialog, which allows user-assisted man-in-the-middle attackers to bypass... Read more

    Affected Products : firefox firefox_esr solaris
    • EPSS Score: %0.56
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-2740

    Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspeci... Read more

    • EPSS Score: %4.14
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-2739

    The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors.... Read more

    • EPSS Score: %0.75
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-2738

    The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which h... Read more

    • EPSS Score: %0.94
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-2737

    The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified im... Read more

    • EPSS Score: %0.94
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2736

    The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a... Read more

    • EPSS Score: %2.72
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2735

    nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.... Read more

    • EPSS Score: %2.72
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291014 Results