Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    CRITICAL
    CVE-2023-6198

    Use of Hard-coded Credentials vulnerability in Baicells Snap Router BaiCE_BMI on EP3011 (User Passwords modules) allows unauthorized access to the device.... Read more

    Affected Products :
    • Published: Jun. 25, 2024
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-37260

    Server-Side Request Forgery (SSRF) vulnerability in Theme-Ruby Foxiz.This issue affects Foxiz: from n/a through 2.3.5.... Read more

    Affected Products : foxiz
    • Published: Jul. 06, 2024
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-21876

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability via a URL parameter in Enphase IQ Gateway (formerly known as Envoy) allows an unautheticated attacker to access or create arbitratry files.This issue affects Envo... Read more

    Affected Products : iq_gateway_firmware iq_gateway
    • Published: Aug. 12, 2024
    • Modified: Aug. 23, 2024

  • 9.3

    CRITICAL
    CVE-2024-23981

    Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 06, 2024

  • 9.3

    CRITICAL
    CVE-2024-24759

    MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 23.12.4.2, a threat actor can bypass the server-side request forgery protection on the whole website with DNS Rebinding. The vulnerability can also lead to d... Read more

    Affected Products : mindsdb
    • Published: Sep. 05, 2024
    • Modified: Sep. 06, 2024

  • 9.3

    HIGH
    CVE-2017-0664

    A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36491278.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0665

    A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36991414.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0667

    A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37478824.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0671

    A remote code execution vulnerability in the Android libraries. Product: Android. Versions: 4.4.4. Android ID: A-34514762.... Read more

    Affected Products : android
    • EPSS Score: %0.18
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0673

    A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33974623.... Read more

    Affected Products : android
    • EPSS Score: %0.21
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0676

    A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34896431.... Read more

    Affected Products : android
    • EPSS Score: %0.29
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0677

    A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36035074.... Read more

    Affected Products : android
    • EPSS Score: %0.21
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0682

    A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36588422.... Read more

    Affected Products : android
    • EPSS Score: %0.21
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0683

    A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36591008.... Read more

    Affected Products : android
    • EPSS Score: %0.21
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0700

    A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-35639138.... Read more

    Affected Products : android
    • EPSS Score: %0.27
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0702

    A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-36621442.... Read more

    Affected Products : android
    • EPSS Score: %0.21
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0703

    A elevation of privilege vulnerability in the Android system ui. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33123882.... Read more

    Affected Products : android
    • EPSS Score: %0.03
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2021-39702

    In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to install certificates without user approval due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges n... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-39706

    In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials storage due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-2232

    Untrusted search path vulnerability in Installer of Shinseiyo Sogo Soft (4.8A) and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : shinseiyo_sogo_soft
    • EPSS Score: %0.14
    • Published: Jul. 07, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291946 Results