Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2015-1883

    IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to read certain administrative files via crafted use of an automated-maintenance policy stored procedure.... Read more

    Affected Products : db2
    • EPSS Score: %0.34
    • Published: Jul. 20, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-0157

    IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by leveraging an unspecified scalar function in a SQL statement.... Read more

    Affected Products : db2
    • EPSS Score: %1.54
    • Published: Jul. 20, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-0130

    Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.... Read more

    • EPSS Score: %0.17
    • Published: Jul. 20, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-9196

    Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN... Read more

    Affected Products : proview
    • EPSS Score: %1.58
    • Published: Jul. 20, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2014-8910

    IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to read arbitrary text files via a crafted XML/XSLT function in a SELECT statement.... Read more

    Affected Products : db2
    • EPSS Score: %0.25
    • Published: Jul. 20, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-2972

    Multiple SQL injection vulnerabilities in Sysphonic Thetis before 2.3.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.... Read more

    Affected Products : thetis
    • EPSS Score: %0.95
    • Published: Jul. 19, 2015
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-2971

    Directory traversal vulnerability in Seeds acmailer before 3.8.18 and 3.9.x before 3.9.12 Beta allows remote authenticated users to delete arbitrary files via a crafted string.... Read more

    Affected Products : acmailer
    • EPSS Score: %3.08
    • Published: Jul. 19, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-5374

    A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module :... Read more

    • EPSS Score: %85.01
    • Published: Jul. 18, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-4458

    The TLS implementation in the Cavium cryptographic-module firmware, as distributed with Cisco Adaptive Security Appliance (ASA) Software 9.1(5.21) and other products, does not verify the MAC field, which allows man-in-the-middle attackers to spoof TLS con... Read more

    • EPSS Score: %0.44
    • Published: Jul. 18, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-4280

    Cisco Prime Collaboration Assurance 10.0 allows remote attackers to cause a denial of service (HTTP service outage) via a crafted HTTP request, aka Bug ID CSCum38844.... Read more

    Affected Products : prime_collaboration
    • EPSS Score: %0.26
    • Published: Jul. 18, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-0795

    Multiple stack-based buffer overflows in the SafeShellExecute method in the NetIQExecObject.NetIQExec.1 ActiveX control in NetIQExec.dll in NetIQ Security Solutions for iSeries 8.1 allow remote attackers to execute arbitrary code via long arguments, aka Z... Read more

    • EPSS Score: %2.54
    • Published: Jul. 18, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-3625

    The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.72, R349 before 349.16, R343 before 343.36, R340 before 340.76, R337 before 337.25, R334 before 334.21, R331 before 331.113, and R304 before 304.125 allows local users with certain permi... Read more

    Affected Products : freebsd gpu_driver
    • EPSS Score: %0.10
    • Published: Jul. 18, 2015
    • Modified: Apr. 12, 2025

  • 5.8

    MEDIUM
    CVE-2015-4529

    Open redirect vulnerability in EMC Documentum WebTop before 6.8P02, Documentum Administrator before 7.2P01, Documentum Digital Assets Manager through 6.5SP6, Documentum Web Publishers through 6.5SP7, and Documentum Task Space through 6.7SP2 allows remote ... Read more

    • EPSS Score: %0.25
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-4528

    Cross-site scripting (XSS) vulnerability in EMC Documentum CenterStage 1.2SP1 and 1.2SP2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : documentum_centerstage centerstage
    • EPSS Score: %0.18
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-0725

    Cisco Videoscape Distribution Suite Service Broker (aka VDS-SB), when a VDSM configuration on UCS is used, and Videoscape Distribution Suite for Internet Streaming (aka VDS-IS or CDS-IS) before 3.3.1 R7 and 4.x before 4.0.0 R4 allow remote attackers to ca... Read more

    • EPSS Score: %0.15
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-4460

    Cross-site request forgery (CSRF) vulnerability in SecuritySetting/UserSecurity/UserManagement.aspx in B.A.S C2Box before 4.0.0 (r19171) allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts vi... Read more

    Affected Products : c2box
    • EPSS Score: %0.19
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-5386

    Siemens SICAM MIC devices with firmware before 2404 allow remote attackers to bypass authentication and obtain administrative access via unspecified HTTP requests.... Read more

    Affected Products : sicam_mic_firmware sicam_mic
    • EPSS Score: %0.68
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-4278

    Cisco Email Security Appliance (ESA) devices with software 8.5.6-106 and 9.5.0-201 allow remote attackers to cause a denial of service (per-domain e-mail reception outage) by placing malformed DMARC policy data in DNS TXT records for a domain, aka Bug ID ... Read more

    • EPSS Score: %0.44
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2015-4276

    Cisco WebEx Meetings Server 2.5MR1 allows remote authenticated users to execute arbitrary code via a crafted command parameter, aka Bug ID CSCus56138.... Read more

    Affected Products : webex_meetings_server
    • EPSS Score: %1.20
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-4275

    The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 18.0.0.59167 and 18.0.0.59211 allows remote attackers to cause a denial of service via a malformed header in a GTPv2 packet, aka Bug ID CSCut11534.... Read more

    Affected Products : asr_5000_series_software
    • EPSS Score: %0.47
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291541 Results