Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2015-4218

    The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 through 9.7(5) on Windows allows remote attackers to obtain sensitive information via a crafted value in a GET request, aka Bug IDs CSCuu65622 and CSCuu70858.... Read more

    Affected Products : jabber
    • EPSS Score: %0.43
    • Published: Jun. 24, 2015
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2015-4215

    Cisco Wireless LAN Controller (WLC) devices with software 7.5(102.0) and 7.6(1.62) allow remote attackers to cause a denial of service (device crash) by triggering an exception during attempted forwarding of unspecified IPv6 packets to a non-IPv6 device, ... Read more

    Affected Products : wireless_lan_controller_software
    • EPSS Score: %0.52
    • Published: Jun. 24, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-4214

    Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) allows remote authenticated users to discover cleartext passwords by reading HTML source code, aka Bug ID CSCuu33050.... Read more

    Affected Products : unified_meetingplace
    • EPSS Score: %0.29
    • Published: Jun. 24, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2015-4213

    Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391.... Read more

    • EPSS Score: %0.72
    • Published: Jun. 24, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-4212

    Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by discovering credentials, aka Bug ID CSCut17466.... Read more

    Affected Products : webex_meeting_center
    • EPSS Score: %0.43
    • Published: Jun. 24, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-4211

    Cisco AnyConnect Secure Mobility Client 3.1(60) on Windows does not properly validate pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCus65862.... Read more

    • EPSS Score: %0.12
    • Published: Jun. 24, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-4208

    Cisco WebEx Meeting Center does not properly restrict the content of URLs in GET requests, which allows remote attackers to obtain sensitive information or conduct SQL injection attacks via vectors involving read access to a request, aka Bug ID CSCup88398... Read more

    Affected Products : webex_meeting_center
    • EPSS Score: %0.60
    • Published: Jun. 24, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-3112

    Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : photoshop_cc mac_os_x windows bridge
    • EPSS Score: %52.50
    • Published: Jun. 24, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-3111

    Heap-based buffer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : photoshop_cc mac_os_x windows bridge
    • EPSS Score: %49.83
    • Published: Jun. 24, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-3110

    Integer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : photoshop_cc mac_os_x windows bridge
    • EPSS Score: %49.28
    • Published: Jun. 24, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-3109

    Adobe Photoshop CC before 16.0 (aka 2015.0.0) allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : photoshop_cc mac_os_x windows
    • EPSS Score: %6.53
    • Published: Jun. 24, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-2308

    Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element.... Read more

    Affected Products : symfony
    • EPSS Score: %0.54
    • Published: Jun. 24, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-4875

    CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and 6.7 before build 4329 contains a hardcoded AES key, which allows attackers to discover Back Office System Server (BOSS) DB2 database credentials by leveraging knowledge of this key in con... Read more

    Affected Products : chec
    • EPSS Score: %0.34
    • Published: Jun. 24, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-3113

    Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the ... Read more

    • Actively Exploited
    • EPSS Score: %92.58
    • Published: Jun. 23, 2015
    • Modified: Apr. 12, 2025

  • 5.8

    MEDIUM
    CVE-2015-2859

    Intel McAfee ePolicy Orchestrator (ePO) 4.x through 4.6.9 and 5.x through 5.1.2 does not validate server names and Certification Authority names in X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain s... Read more

    Affected Products : epolicy_orchestrator
    • EPSS Score: %0.20
    • Published: Jun. 23, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-2860

    Directory traversal vulnerability in Avigilon Control Center (ACC) 4 before 4.12.0.54 and 5 before 5.4.2.22 allows remote attackers to read arbitrary files via a crafted help/ URL.... Read more

    Affected Products : avigilon_control_center
    • EPSS Score: %0.46
    • Published: Jun. 23, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-0972

    Pearson ProctorCache before 2015.1.17 uses the same hardcoded password across different customers' installations, which allows remote attackers to modify test metadata or cause a denial of service (test disruption) by leveraging knowledge of this password... Read more

    Affected Products : proctorcache
    • EPSS Score: %0.40
    • Published: Jun. 23, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-4882

    Aptexx Resident Anywhere does not require authentication, which allows remote attackers to obtain sensitive information or modify data via a direct request.... Read more

    Affected Products : resident_anywhere
    • EPSS Score: %0.56
    • Published: Jun. 23, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-4726

    PHP remote file inclusion vulnerability in ajax/myajaxphp.php in AudioShare 2.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the config['basedir'] parameter.... Read more

    Affected Products : audioshare
    • EPSS Score: %0.50
    • Published: Jun. 23, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-4725

    Cross-site scripting (XSS) vulnerability in forgot.php in AudioShare 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the email parameter.... Read more

    Affected Products : audioshare
    • EPSS Score: %0.22
    • Published: Jun. 23, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291002 Results