Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2017-14625

    ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.... Read more

    Affected Products : ubuntu_linux imagemagick
    • EPSS Score: %1.51
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13832

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "802.1X" component. It allows attackers to have an unspecified impact by leveraging TLS 1.0 support.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.55
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13690

    The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.... Read more

    Affected Products : tcpdump
    • EPSS Score: %0.60
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13054

    The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().... Read more

    Affected Products : tcpdump
    • EPSS Score: %0.60
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13051

    The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().... Read more

    Affected Products : tcpdump
    • EPSS Score: %0.61
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13048

    The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().... Read more

    Affected Products : tcpdump
    • EPSS Score: %0.60
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13037

    The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().... Read more

    Affected Products : tcpdump
    • EPSS Score: %1.36
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13021

    The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().... Read more

    Affected Products : tcpdump
    • EPSS Score: %1.36
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13010

    The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().... Read more

    Affected Products : tcpdump
    • EPSS Score: %2.01
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13001

    The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().... Read more

    Affected Products : tcpdump
    • EPSS Score: %0.60
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-12932

    ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. ... Read more

    Affected Products : php
    • EPSS Score: %2.29
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-12898

    The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().... Read more

    Affected Products : tcpdump
    • EPSS Score: %1.12
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-12894

    Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().... Read more

    Affected Products : tcpdump
    • EPSS Score: %1.12
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-12588

    The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.... Read more

    Affected Products : rsyslog
    • EPSS Score: %0.35
    • Published: Aug. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-12182

    xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.... Read more

    Affected Products : debian_linux xorg-server
    • EPSS Score: %0.95
    • Published: Jan. 24, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-12180

    xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.... Read more

    Affected Products : debian_linux xorg-server
    • EPSS Score: %0.95
    • Published: Jan. 24, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-12176

    xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.... Read more

    Affected Products : debian_linux xorg-server
    • EPSS Score: %0.95
    • Published: Jan. 24, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-12166

    OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.... Read more

    Affected Products : debian_linux openvpn
    • EPSS Score: %5.14
    • Published: Oct. 04, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-10807

    JabberD 2.x (aka jabberd2) before 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.xml option is not enabled.... Read more

    Affected Products : jabberd2
    • EPSS Score: %1.57
    • Published: Jul. 04, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-1000158

    CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)... Read more

    Affected Products : debian_linux python
    • EPSS Score: %3.07
    • Published: Nov. 17, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291608 Results