Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2021-40965

    A Cross-Site Request Forgery (CSRF) vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload files and run OS commands by inducing the Administrator user to browse a URL controlled by an attacker.... Read more

    Affected Products : tinyfilemanager
    • EPSS Score: %0.13
    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2015-7599

    Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary co... Read more

    Affected Products : vxworks
    • EPSS Score: %5.29
    • Published: Feb. 07, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0410

    An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to ele... Read more

    Affected Products : android
    • EPSS Score: %0.14
    • Published: Feb. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0411

    An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to ele... Read more

    Affected Products : android
    • EPSS Score: %3.67
    • Published: Feb. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0417

    An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated c... Read more

    Affected Products : android
    • EPSS Score: %0.14
    • Published: Feb. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0418

    An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated c... Read more

    Affected Products : android
    • EPSS Score: %0.14
    • Published: Feb. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0427

    An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device com... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %0.12
    • Published: Feb. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2021-37364

    OpenClinic GA 5.194.18 is affected by Insecure Permissions. By default the Authenticated Users group has the modify permission to openclinic folders/files. A low privilege account is able to rename mysqld.exe or tomcat8.exe files located in bin folders an... Read more

    Affected Products : openclinic_ga
    • EPSS Score: %0.17
    • Published: Oct. 26, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-6351

    The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with th... Read more

    Affected Products : wipg-1500_firmware wipg-1500
    • EPSS Score: %16.70
    • Published: Mar. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0307

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device comp... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %0.24
    • Published: Mar. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0333

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device comp... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %0.25
    • Published: Mar. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2021-42057

    Obsidian Dataview through 0.4.12-hotfix1 allows eval injection. The evalInContext function in executes user input, which allows an attacker to craft malicious Markdown files that will execute arbitrary code once opened. NOTE: 0.4.13 provides a mitigation ... Read more

    Affected Products : obsidian_dataview
    • EPSS Score: %0.30
    • Published: Nov. 04, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-0472

    A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution ... Read more

    Affected Products : android
    • EPSS Score: %0.32
    • Published: Mar. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0473

    A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution ... Read more

    Affected Products : android
    • EPSS Score: %0.32
    • Published: Mar. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0475

    An elevation of privilege vulnerability in the recovery verifier could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device comp... Read more

    Affected Products : android
    • EPSS Score: %0.11
    • Published: Mar. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0503

    An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of th... Read more

    Affected Products : android
    • EPSS Score: %0.22
    • Published: Mar. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0507

    An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device c... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %0.23
    • Published: Mar. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0508

    An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device c... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %0.25
    • Published: Mar. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0528

    An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level de... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %0.23
    • Published: Mar. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-6549

    Session hijack vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, ... Read more

    Affected Products : rt-ac53_firmware rt-ac53
    • EPSS Score: %24.52
    • Published: Mar. 09, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291722 Results