Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    CRITICAL
    CVE-2024-48841

    Network access can be used to execute arbitrary code with elevated privileges. This issue affects FLXEON 9.3.4 and older.... Read more

    Affected Products :
    • Published: Jan. 27, 2025
    • Modified: Feb. 14, 2025
    • Vuln Type: Authentication

  • 10.0

    CRITICAL
    CVE-2021-41556

    sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to Code Execution. If a victim executes an attacker-controlled squirrel script, it is possible for the attacker to break out of ... Read more

    Affected Products : fedora squirrel
    • EPSS Score: %0.56
    • Published: Jul. 28, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5859

    On Cambium Networks cnPilot R200/201 devices before 4.3, there is a vulnerability involving the certificate of the device and its RSA keys, aka RBN-183.... Read more

    • EPSS Score: %0.18
    • Published: Mar. 10, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-5823

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %52.89
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5806

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %57.19
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2024-47901

    A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The web server of a... Read more

    • Published: Oct. 23, 2024
    • Modified: Oct. 30, 2024

  • 10.0

    HIGH
    CVE-2017-5805

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %57.19
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5802

    A Remote Gain Privileged Access vulnerability in HPE Vertica Analytics Platform version v4.1 and later was found.... Read more

    Affected Products : vertica
    • EPSS Score: %2.14
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5821

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %46.40
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5689

    An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features g... Read more

    • Actively Exploited
    • EPSS Score: %94.30
    • Published: May. 02, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2021-26897

    Windows DNS Server Remote Code Execution Vulnerability... Read more

    • EPSS Score: %10.79
    • Published: Mar. 11, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5624

    An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can persistently make the (locked) bootloader start the platform with dm-verity disabled, by issuing the 'fastboot oem disable_dm_verity' command. Having dm-verity disable... Read more

    Affected Products : oxygenos oneplus_3 oneplus_3t
    • EPSS Score: %1.97
    • Published: Mar. 12, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-5399

    Memory safety bugs were reported in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52 and Thunder... Read more

    Affected Products : firefox thunderbird
    • EPSS Score: %0.77
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5397

    The cache directory on the local file system is set to be world writable. Firefox defaults to extracting libraries from this cache. This allows for the possibility of an installed malicious application or tools with write access to the file system to repl... Read more

    Affected Products : firefox
    • EPSS Score: %0.55
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2017-5226

    When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox.... Read more

    Affected Products : bubblewrap
    • EPSS Score: %10.38
    • Published: Mar. 29, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-5173

    An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not ... Read more

    • EPSS Score: %80.50
    • Published: May. 19, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    CRITICAL
    CVE-2017-5145

    An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. Successful exploitation of this CROSS-SITE REQUEST FORGERY (CSRF) vulnerability can allow execution of unauthorized actions on... Read more

    • EPSS Score: %0.21
    • Published: Feb. 13, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-5162

    An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of authentication for remote service gives access to application set up and configuration.... Read more

    • EPSS Score: %60.06
    • Published: Feb. 13, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    CRITICAL
    CVE-2021-30116

    Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. By default Kaseya VSA on premise offers a download page where the clients for the installation can be downloaded. The default URL for this page is https://x.x.x.x... Read more

    Affected Products : vsa_agent vsa_server
    • Actively Exploited
    • EPSS Score: %18.05
    • Published: Jul. 09, 2021
    • Modified: Mar. 14, 2025

  • 10.0

    HIGH
    CVE-2017-4997

    EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system.... Read more

    • EPSS Score: %5.22
    • Published: Jun. 29, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 292721 Results