Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2017-0795

    A elevation of privilege vulnerability in the MediaTek accessory detector driver. Product: Android. Versions: Android kernel. Android ID: A-36198473. References: M-ALPS03361480.... Read more

    Affected Products : android
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2014-9788

    Multiple buffer overflows in the voice drivers in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28573112 and Qualcomm internal bug CR548872.... Read more

    Affected Products : android
    • Published: Jul. 11, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-9793

    platform/msm_shared/mmc.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices mishandles the power-on write-protect feature, which allows attackers to gain privileges via a crafted application, aka Android internal bug 288212... Read more

    Affected Products : android
    • Published: Jul. 11, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-9865

    drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly restrict user-space input, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28748... Read more

    Affected Products : android
    • Published: Aug. 06, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-9934

    A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding.... Read more

    Affected Products : android
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-10892

    Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : music_center music_center_for_pc
    • Published: Dec. 01, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2009-1743

    Directory traversal vulnerability in InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in Pinnacle Systems Pinnacle Studio 12, allows remote attackers to create and overwrite arbitrary files via a filename containing a ..\ (dot dot backsl... Read more

    • Published: May. 21, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2015-8307

    The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with... Read more

    Affected Products : mate_s_firmware p8_firmware p8 mate_s
    • Published: Apr. 07, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-9002

    In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.... Read more

    Affected Products : android
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2015-3831

    Buffer overflow in the readAt function in BpMediaHTTPConnection in media/libmedia/IMediaHTTPConnection.cpp in the mediaserver service in Android before 5.1.1 LMY48I allows attackers to execute arbitrary code via a crafted application, aka internal bug 194... Read more

    Affected Products : android
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-10681

    roslib-socketio - The standard ROS Javascript Library fork for add support to socket.io roslib-socketio downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping o... Read more

    Affected Products : roslibjs
    • Published: May. 29, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2015-5014

    IBM Cognos Disclosure Management (CDM) 10.1.x and 10.2.x before 10.2.4 IF10 allows man-in-the-middle attackers to obtain access by spoofing an executable file during a client upload operation.... Read more

    Affected Products : cognos_disclosure_management
    • Published: Oct. 26, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2009-2362

    Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.0.0.215 allows remote attackers to execute arbitrary code via a long string in a (1) .lst or (2) .m3u playlist file.... Read more

    Affected Products : audioplus
    • Published: Jul. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2014-9962

    In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of a DRM provisioning command.... Read more

    Affected Products : android
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2014-9964

    In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality.... Read more

    Affected Products : android
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2009-2617

    Stack-based buffer overflow in medialib.dll in BaoFeng Storm 3.9.62 allows remote attackers to execute arbitrary code via a long pathname in the source attribute of an item element in a .smpl playlist file.... Read more

    Affected Products : storm
    • Published: Jul. 27, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3176

    Buffer overflow in the ActiveX control in Novell iPrint Client 4.38 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors, as demonstrated by a certain module in VulnDisco Pack Professi... Read more

    Affected Products : iprint
    • Published: Sep. 11, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-6223

    Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x, ZD9.10.x, ZD9.13.0.x less than 9.13.0.0.232 contain OS Command Injection vulnerabilities in the ping functionality that could allow local authenticated users to execute arbitrary privileg... Read more

    • Published: Oct. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2008-5534

    ESET NOD32 Antivirus 3662 and possibly 3440, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1... Read more

    Affected Products : internet_explorer nod32_antivirus
    • Published: Dec. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5540

    Secure Computing Secure Web Gateway (aka Webwasher), when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to... Read more

    • Published: Dec. 12, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 292803 Results