Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2022-28108

    Selenium Server (Grid) before 4 allows CSRF because it permits non-JSON content types such as application/x-www-form-urlencoded, multipart/form-data, and text/plain.... Read more

    Affected Products : selenium_grid
    • EPSS Score: %70.39
    • Published: Apr. 19, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-2228

    Untrusted search path vulnerability in Teikihoukokusho Sakuseishien Tool v4.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : teikihoukokusho_sakuseishien_tool
    • EPSS Score: %0.32
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2021-42969

    Certain Anaconda3 2021.05 are affected by OS command injection. When a user installs Anaconda, an attacker can create a new file and write something in usercustomize.py. When the user opens the terminal or activates Anaconda, the command will be executed.... Read more

    Affected Products : anaconda3
    • EPSS Score: %5.30
    • Published: May. 13, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-10383

    In all Qualcomm products with Android releases from CAF using the Linux kernel, there is a TOCTOU race condition in Secure UI.... Read more

    Affected Products : android
    • EPSS Score: %0.12
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8255

    In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot.... Read more

    Affected Products : android
    • EPSS Score: %0.09
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-10812

    Untrusted search path vulnerability in Photo Collection PC Software Ver.4.0.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : photo_collection_pc_software
    • EPSS Score: %0.14
    • Published: Aug. 29, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-10827

    Untrusted search path vulnerability in Flets Azukeru for Windows Auto Backup Tool v1.0.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    • EPSS Score: %0.14
    • Published: Aug. 29, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0758

    A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36492741.... Read more

    Affected Products : android
    • EPSS Score: %0.25
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0762

    A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62214264.... Read more

    Affected Products : android
    • EPSS Score: %0.21
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0766

    A remote code execution vulnerability in the Android media framework (libjhead). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37776688.... Read more

    Affected Products : android
    • EPSS Score: %0.21
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0768

    A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62019992.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2015-7908

    Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allow remote attackers to discover cleartext passwords by sniffing the network.... Read more

    • EPSS Score: %0.29
    • Published: Dec. 21, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2017-0764

    A remote code execution vulnerability in the Android media framework (libvorbis). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62872015.... Read more

    Affected Products : android
    • EPSS Score: %0.27
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2015-6638

    The Imagination Technologies driver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 24673908.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jan. 06, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6647

    The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24441554.... Read more

    Affected Products : android
    • EPSS Score: %0.17
    • Published: Jan. 06, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-8886

    AVM FRITZ!OS before 6.30 extracts the contents of firmware updates before verifying their cryptographic signature, which allows remote attackers to create symlinks or overwrite critical files, and consequently execute arbitrary code, via a crafted firmwar... Read more

    Affected Products : fritz\!_os
    • EPSS Score: %4.54
    • Published: Jan. 08, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    CRITICAL
    CVE-2022-31507

    The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.... Read more

    Affected Products : ganga
    • EPSS Score: %0.60
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2022-31510

    The sergeKashkin/Simple-RAT repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.... Read more

    Affected Products : simple-rat
    • EPSS Score: %0.43
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2022-31519

    The Lukasavicus/WindMill repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.... Read more

    Affected Products : windmill
    • EPSS Score: %0.41
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2022-31524

    The PureStorage-OpenConnect/swagger repository through 1.1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.... Read more

    Affected Products : pure_swagger
    • EPSS Score: %0.41
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 292316 Results