Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2017-8211

    The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user ... Read more

    • EPSS Score: %0.18
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2021-0339

    In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. This could lead to local escalation of privilege with no additional execution privileges needed. User int... Read more

    Affected Products : android
    • EPSS Score: %0.09
    • Published: Feb. 10, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-11043

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a WiFI driver function, an integer overflow leading to heap buffer overflow may potentially occur.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0876

    A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-64964675.... Read more

    Affected Products : android
    • EPSS Score: %0.46
    • Published: Dec. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0877

    A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-66372937.... Read more

    Affected Products : android
    • EPSS Score: %0.46
    • Published: Dec. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0878

    A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 8.0. Android ID A-65186291.... Read more

    Affected Products : android
    • EPSS Score: %0.46
    • Published: Dec. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-13151

    A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456.... Read more

    Affected Products : android
    • EPSS Score: %0.46
    • Published: Dec. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2014-8358

    Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) and before V200R003B015D02SP08C1014 (23.015.02.08.1014) use a weak ACL for the "Mobile Partner" directory, which allows remote attacke... Read more

    • EPSS Score: %0.78
    • Published: Dec. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-15049

    The ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler.... Read more

    Affected Products : zoom
    • EPSS Score: %28.86
    • Published: Dec. 19, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-17409

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a mal... Read more

    Affected Products : internet_security_2018
    • EPSS Score: %1.28
    • Published: Dec. 21, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-17410

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a mal... Read more

    Affected Products : internet_security_2018
    • EPSS Score: %1.28
    • Published: Dec. 21, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-10909

    Untrusted search path vulnerability in Music Center for PC version 1.0.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : music_center music_center_for_pc
    • EPSS Score: %0.11
    • Published: Dec. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-15316

    The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334(C00) and Mate 9 Pro Huawei smart phones with software before LON-AL00B 8.0.0.334(C00) has a memory double free vulnerability. An attacker tricks a user into installing a... Read more

    • EPSS Score: %0.11
    • Published: Dec. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-16897

    A vulnerability has been discovered in the Auth0 passport-wsfed-saml2 library affecting versions < 3.0.5. This vulnerability allows an attacker to impersonate another user and potentially elevate their privileges if the SAML identity provider does not sig... Read more

    Affected Products : passport-wsfed-saml2
    • EPSS Score: %0.42
    • Published: Dec. 27, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    CRITICAL
    CVE-2023-31191

    DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection. An attacker can exploit this vulnerability by injecting, on carefully selected channels, high power spoofed Open Dro... Read more

    • EPSS Score: %0.03
    • Published: Jul. 11, 2023
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-13176

    In the parseURL function of URLStreamHandler, there is improper input validation of the host field. This could lead to a remote elevation of privilege that could enable bypassing user interaction requirements with no additional execution privileges needed... Read more

    Affected Products : android
    • EPSS Score: %0.69
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0507

    Untrusted search path vulnerability in FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.11 and earlier versions, FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.11 and earlier versions allow an attacker to gain privileges via a Trojan horse DL... Read more

    • EPSS Score: %0.17
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2014-1632

    htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers to inject and execute arbitrary PHP code via the hostname parameter.... Read more

    Affected Products : eventum
    • EPSS Score: %16.90
    • Published: Jan. 31, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2023-21651

    Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.... Read more

    • EPSS Score: %0.05
    • Published: Aug. 08, 2023
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-5359

    Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted ASF file.... Read more

    Affected Products : ffmpeg
    • EPSS Score: %0.77
    • Published: Feb. 08, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291737 Results