Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2015-1941

    The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to read arbitrary files via a crafted TCP packet to an unspecified port.... Read more

    Affected Products : tivoli_storage_manager_fastback
    • EPSS Score: %4.23
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-1938

    The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2015-1986.... Read more

    Affected Products : tivoli_storage_manager_fastback
    • EPSS Score: %14.34
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-1930

    Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CV... Read more

    Affected Products : tivoli_storage_manager_fastback
    • EPSS Score: %1.42
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-1929

    Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CV... Read more

    Affected Products : tivoli_storage_manager_fastback
    • EPSS Score: %1.42
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-1925

    Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1929, CV... Read more

    Affected Products : tivoli_storage_manager_fastback
    • EPSS Score: %1.42
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-1924

    Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1925, CVE-2015-1929, CV... Read more

    Affected Products : tivoli_storage_manager_fastback
    • EPSS Score: %1.42
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-1923

    Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.... Read more

    Affected Products : tivoli_storage_manager_fastback
    • EPSS Score: %1.94
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-1919

    Cross-site scripting (XSS) vulnerability in IBM Security QRadar Incident Forensics before 7.2.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.... Read more

    • EPSS Score: %0.24
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-5151

    Cross-site scripting (XSS) vulnerability in the Slider Revolution (revslider) plugin 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the client_action parameter in a revslider_ajax_action action to wp-admin/admin-aja... Read more

    Affected Products : slider_revolution
    • EPSS Score: %0.17
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-5150

    Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.90 allow remote authenticated users to inject arbitrary web script or HTML via the (1) query parameter in the run_query_editor_query module to CustomReportHandle... Read more

    Affected Products : manageengine_supportcenter_plus
    • EPSS Score: %0.97
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-5149

    Directory traversal vulnerability in Zoho ManageEngine SupportCenter Plus 7.90 allows remote authenticated users to write to arbitrary files via a .. (dot dot) in the component parameter in the Request component to workorder/Attachment.jsp.... Read more

    Affected Products : manageengine_supportcenter_plus
    • EPSS Score: %42.46
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-5148

    SQL injection vulnerability in LivelyCart 1.2.0 allows remote attackers to execute arbitrary SQL commands via the search_query parameter to product/search.... Read more

    Affected Products : livelycart
    • EPSS Score: %1.02
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-9735

    The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX functionality, which allows remote attackers to (1) upload and e... Read more

    Affected Products : slider_revolution showbiz_pro
    • EPSS Score: %82.90
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-9734

    Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php.... Read more

    Affected Products : slider_revolution
    • EPSS Score: %6.87
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-4229

    The web framework in Cisco Unified Communications Domain Manager 8.1(4)ER1 allows remote attackers to obtain sensitive information by visiting a bvsmweb URL, aka Bug ID CSCuq22589.... Read more

    • EPSS Score: %0.43
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-4227

    Memory leak in Cisco Headend System Release allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, aka Bug ID CSCus91838.... Read more

    Affected Products : headend_system_release
    • EPSS Score: %0.85
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-1913

    Rational Test Control Panel in IBM Rational Test Workbench and Rational Test Virtualization Server 8.0.0.x before 8.0.0.5, 8.0.1.x before 8.0.1.6, 8.5.0.x before 8.5.0.4, 8.5.1.x before 8.5.1.5, 8.6.0.x before 8.6.0.4, and 8.7.0.x before 8.7.0.2 uses the ... Read more

    • EPSS Score: %0.26
    • Published: Jun. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-1900

    IBM InfoSphere DataStage 8.1, 8.5, 8.7, 9.1, and 11.3 through 11.3.1.2 on UNIX allows local users to write to executable files, and consequently obtain root privileges, via unspecified vectors.... Read more

    Affected Products : linux_kernel infosphere_datastage
    • EPSS Score: %0.06
    • Published: Jun. 29, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-0545

    EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : unisphere
    • EPSS Score: %4.70
    • Published: Jun. 29, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-0196

    CRLF injection vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 before 7.0.0.8 Cumulative iFix 2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.... Read more

    Affected Products : websphere_commerce
    • EPSS Score: %0.25
    • Published: Jun. 29, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 290997 Results