Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

9.8

CRITICAL

CVE-2017-7898

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and ...

Affected Products : ab_micrologix_controller 1763-l16awa_series_a 1763-l16awa_series_b 1763-l16bbb_series_a 1763-l16bbb_series_b 1763-l16bwa_series_a 1763-l16bwa_series_b 1763-l16dwd_series_a 1763-l16dwd_series_b 1766-l32awa_series_a +11 more products
Published: Jun. 30, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-7870

LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx....

Affected Products : libreoffice
Published: Apr. 14, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-7861

Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c....

Affected Products : grpc
Published: Apr. 14, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-7824

A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vul...

Affected Products : firefox firefox_esr thunderbird debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus enterprise_linux_aus
Published: Jun. 11, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2017-7858

FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c....

Affected Products : freetype
Published: Apr. 14, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-7859

FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c....

Affected Products : ffmpeg
Published: Apr. 14, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-7925

A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HC...

Affected Products : dh-ipc-hdbw23a0rn-zs_firmware dh-ipc-hdbw13a0sn_firmware dh-ipc-hdw1xxx_firmware dh-ipc-hdw2xxx_firmware dh-ipc-hdw4xxx_firmware dh-ipc-hfw1xxx_firmware dh-ipc-hfw2xxx_firmware dh-ipc-hfw4xxx_firmware dh-sd6cxx_firmware dh-nvr1xxx_firmware +20 more products
Published: May. 06, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-8013

EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains undocumented accounts with hard-coded passwords and various privileges. Affected accounts are: "Apollo System Test", "emc.dpa.agent.logon" and "emc.dpa.metrics.logon". A...

Affected Products : data_protection_advisor
Published: Mar. 16, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2017-7786

A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55....

Affected Products : firefox firefox_esr thunderbird enterprise_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_eus
Published: Jun. 11, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2017-7802

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are acc...

Affected Products : firefox firefox_esr thunderbird enterprise_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_eus
Published: Jun. 11, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2017-7728

On iSmartAlarm cube devices, there is authentication bypass leading to remote execution of commands (e.g., setting the alarm on/off), related to incorrect cryptography....

Affected Products : cubeone_firmware cubeone
Published: Jul. 11, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-7750

A use-after-free vulnerability during video control operations when a "<track>" element holds a reference to an older window if that window has been replaced in the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox <...

Affected Products : firefox firefox_esr thunderbird enterprise_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_eus
Published: Jun. 11, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2017-7862

FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c....

Affected Products : ffmpeg
Published: Apr. 14, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-7751

A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2....

Affected Products : firefox firefox_esr thunderbird enterprise_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_eus
Published: Jun. 11, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2017-7719

SQL injection in the Spider Event Calendar (aka spider-event-calendar) plugin before 1.5.52 for WordPress is exploitable with the order_by parameter to calendar_functions.php or widget_Theme_functions.php, related to front_end/frontend_functions.php....

Affected Products : spider_event_calendar spider_calendar
Published: Apr. 12, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-7793

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52...

Affected Products : firefox firefox_esr thunderbird enterprise_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_eus
Published: Jun. 11, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2017-7749

A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2....

Affected Products : firefox firefox_esr thunderbird enterprise_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_eus
Published: Jun. 11, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2017-7695

Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php[space]' file, they could bypass a safety check and execute any code....

Affected Products : bigtree_cms
Published: Apr. 11, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-7866

FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c....

Affected Products : ffmpeg
Published: Apr. 14, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2017-7757

A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thun...

Affected Products : firefox firefox_esr thunderbird debian_linux
Published: Jun. 11, 2018

Modified: Nov. 21, 2024

Showing 20 of 293249 Results

1
...
1301
1302
1303
1304
1305
1306
1307
...
14663

Browse by Apps

Latest CVE Feed

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable