Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2017-20148

    In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls.... Read more

    Affected Products : logcheck
    • EPSS Score: %0.11
    • Published: Sep. 20, 2022
    • Modified: May. 29, 2025

  • 9.8

    CRITICAL
    CVE-2017-20169

    A vulnerability, which was classified as critical, has been found in GGGGGGGG ToN-MasterServer. Affected by this issue is some unknown functionality of the file public_html/irc_updater/svr_request_pub.php. The manipulation leads to sql injection. The patc... Read more

    Affected Products : ton-masterserver
    • EPSS Score: %0.05
    • Published: Jan. 13, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-20189

    In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects.... Read more

    Affected Products : clojure
    • EPSS Score: %3.01
    • Published: Jan. 22, 2024
    • Modified: May. 30, 2025

  • 9.8

    CRITICAL
    CVE-2017-20156

    A vulnerability was found in Exciting Printer and classified as critical. This issue affects some unknown processing of the file lib/printer/jobs/prepare_page.rb of the component Argument Handler. The manipulation of the argument URL leads to command inje... Read more

    Affected Products : printer
    • EPSS Score: %0.69
    • Published: Dec. 31, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-20157

    A vulnerability was found in Ariadne Component Library up to 2.x. It has been classified as critical. Affected is an unknown function of the file src/url/Url.php. The manipulation leads to server-side request forgery. Upgrading to version 3.0 is able to a... Read more

    Affected Products : ariadne_component_library
    • EPSS Score: %0.05
    • Published: Dec. 31, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-1243

    Stack-based buffer overflow in the extractTree function in unADF allows remote attackers to execute arbitrary code via a long pathname.... Read more

    Affected Products : debian_linux unadf
    • EPSS Score: %27.59
    • Published: Oct. 03, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2017-20146

    Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the expected behavior of the Same Origin Policy.... Read more

    Affected Products : handlers
    • EPSS Score: %0.06
    • Published: Dec. 27, 2022
    • Modified: Apr. 11, 2025

  • 9.8

    CRITICAL
    CVE-2017-20142

    A vulnerability classified as critical was found in Itech Movie Portal Script 7.36. This vulnerability affects unknown code of the file /artist-display.php. The manipulation of the argument act leads to sql injection (Union). The attack can be initiated r... Read more

    Affected Products : movie_portal_script
    • EPSS Score: %0.22
    • Published: Jul. 22, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-20139

    A vulnerability was found in Itech Movie Portal Script 7.36. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /show_news.php. The manipulation of the argument id with the input AND (SELECT 1222 FROM(... Read more

    Affected Products : movie_portal_script
    • EPSS Score: %0.22
    • Published: Jul. 22, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-20133

    A vulnerability, which was classified as critical, was found in Itech Job Portal Script 9.13. This affects an unknown part of the file /admin. The manipulation leads to improper authentication. It is possible to initiate the attack remotely.... Read more

    Affected Products : job_portal_script
    • EPSS Score: %0.32
    • Published: Jul. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-20130

    A vulnerability was found in Itech Real Estate Script 3.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /real-estate-script/search_property.php. The manipulation of the argument property_for lea... Read more

    Affected Products : real_estate_script
    • EPSS Score: %0.25
    • Published: Jul. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-20128

    A vulnerability has been found in KB Messages PHP Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The atta... Read more

    Affected Products : kb_messages_php_script
    • EPSS Score: %0.25
    • Published: Jul. 13, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-0801

    The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message... Read more

    Affected Products : android mac_os_x iphone_os tvos watchos
    • EPSS Score: %46.03
    • Published: Feb. 07, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2017-20127

    A vulnerability was found in KB Login Authentication Script 1.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack ... Read more

    Affected Products : kb_login_authentication_script
    • EPSS Score: %0.52
    • Published: Jul. 13, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-20145

    A vulnerability was found in Tecrail Responsive Filemanger up to 9.10.x and classified as critical. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to v... Read more

    Affected Products : responsive_filemanager
    • EPSS Score: %0.47
    • Published: Jul. 25, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-20138

    A vulnerability was found in Itech Auction Script 6.49. It has been classified as critical. This affects an unknown part of the file /mcategory.php. The manipulation of the argument mcid with the input 4' AND 1734=1734 AND 'Ggks'='Ggks leads to sql inject... Read more

    Affected Products : auction_script
    • EPSS Score: %0.18
    • Published: Jul. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-20039

    A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been classified as very critical. This affects an unknown part. The manipulation leads to weak authentication. It is possible to initiate the attack remotely.... Read more

    Affected Products : access_control
    • EPSS Score: %0.38
    • Published: Jun. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-8871

    Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown vectors.... Read more

    Affected Products : openjpeg debian_linux
    • EPSS Score: %2.73
    • Published: Sep. 21, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2017-20025

    A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Flash Memory. The manipulation leads to privilege escalation. The attack can be ... Read more

    • EPSS Score: %0.33
    • Published: Jun. 09, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-8608

    The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument.... Read more

    Affected Products : perl
    • EPSS Score: %2.19
    • Published: Feb. 07, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 292650 Results