Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2017-10864

    Untrusted search path vulnerability in Installer of HIBUN Confidential File Viewer prior to 11.20.0001 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : confidential_file_viewer
    • Published: Oct. 12, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    CRITICAL
    CVE-2022-33288

    Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.... Read more

    • Published: Apr. 13, 2023
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-5996

    The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions.... Read more

    Affected Products : remote_support remote_support
    • Published: Oct. 26, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0832

    A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62887820.... Read more

    Affected Products : android
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0834

    A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63125953.... Read more

    Affected Products : android
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8140

    The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can start multiple threads ... Read more

    Affected Products : p9_plus_firmware p9_plus
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8160

    The Madapt Driver of some Huawei smart phones with software Earlier than Vicky-AL00AC00B172 versions,Vicky-AL00CC768B122,Vicky-TL00AC01B167,Earlier than Victoria-AL00AC00B172 versions,Victoria-TL00AC00B123,Victoria-TL00AC01B167 has a use after free (UAF) ... Read more

    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-11043

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a WiFI driver function, an integer overflow leading to heap buffer overflow may potentially occur.... Read more

    Affected Products : android
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-13151

    A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456.... Read more

    Affected Products : android
    • Published: Dec. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-15049

    The ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler.... Read more

    Affected Products : zoom
    • Published: Dec. 19, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-17409

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a mal... Read more

    Affected Products : internet_security_2018
    • Published: Dec. 21, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-17410

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a mal... Read more

    Affected Products : internet_security_2018
    • Published: Dec. 21, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-16897

    A vulnerability has been discovered in the Auth0 passport-wsfed-saml2 library affecting versions < 3.0.5. This vulnerability allows an attacker to impersonate another user and potentially elevate their privileges if the SAML identity provider does not sig... Read more

    Affected Products : passport-wsfed-saml2
    • Published: Dec. 27, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    CRITICAL
    CVE-2023-31191

    DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection. An attacker can exploit this vulnerability by injecting, on carefully selected channels, high power spoofed Open Dro... Read more

    • Published: Jul. 11, 2023
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-13176

    In the parseURL function of URLStreamHandler, there is improper input validation of the host field. This could lead to a remote elevation of privilege that could enable bypassing user interaction requirements with no additional execution privileges needed... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0507

    Untrusted search path vulnerability in FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.11 and earlier versions, FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.11 and earlier versions allow an attacker to gain privileges via a Trojan horse DL... Read more

    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2023-21651

    Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.... Read more

    • Published: Aug. 08, 2023
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-13230

    In hevc codec, there is an out-of-bounds write due to an incorrect bounds check with the i2_pic_width_in_luma_samples value. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for e... Read more

    Affected Products : android
    • Published: Feb. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-5796

    A Remote Cross Site Request Forgery (CSRF) vulnerability in HPE 2620 Series Network Switches version RA.15.05.0006 was found.... Read more

    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-0771

    Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0759.... Read more

    Affected Products : shockwave_player
    • Published: Feb. 19, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 292781 Results