Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2017-6360

    QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and obtain sensitive information via unspecified vectors.... Read more

    Affected Products : qts
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-6359

    QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and execute arbitrary commands via unspecified vectors.... Read more

    Affected Products : qts
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-6342

    An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. When SmartPSS Software is launched, while on the login screen, the s... Read more

    • Published: Feb. 27, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-6315

    Astaro Security Gateway (aka ASG) 7 allows remote attackers to execute arbitrary code via a crafted request to index.plx.... Read more

    • Published: Sep. 19, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    CRITICAL
    CVE-2024-48841

    Network access can be used to execute arbitrary code with elevated privileges. This issue affects FLXEON 9.3.4 and older.... Read more

    Affected Products :
    • Published: Jan. 27, 2025
    • Modified: Feb. 14, 2025
    • Vuln Type: Authentication

  • 10.0

    CRITICAL
    CVE-2021-41556

    sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to Code Execution. If a victim executes an attacker-controlled squirrel script, it is possible for the attacker to break out of ... Read more

    Affected Products : fedora squirrel
    • Published: Jul. 28, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5859

    On Cambium Networks cnPilot R200/201 devices before 4.3, there is a vulnerability involving the certificate of the device and its RSA keys, aka RBN-183.... Read more

    • Published: Mar. 10, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-5823

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.... Read more

    Affected Products : intelligent_management_center
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5806

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.... Read more

    Affected Products : intelligent_management_center
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2024-47901

    A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The web server of a... Read more

    • Published: Oct. 23, 2024
    • Modified: Oct. 30, 2024

  • 10.0

    HIGH
    CVE-2017-5805

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.... Read more

    Affected Products : intelligent_management_center
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5802

    A Remote Gain Privileged Access vulnerability in HPE Vertica Analytics Platform version v4.1 and later was found.... Read more

    Affected Products : vertica
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5821

    A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.... Read more

    Affected Products : intelligent_management_center
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5689

    An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features g... Read more

    • Actively Exploited
    • Published: May. 02, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2021-26897

    Windows DNS Server Remote Code Execution Vulnerability... Read more

    • Published: Mar. 11, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5624

    An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can persistently make the (locked) bootloader start the platform with dm-verity disabled, by issuing the 'fastboot oem disable_dm_verity' command. Having dm-verity disable... Read more

    Affected Products : oxygenos oneplus_3 oneplus_3t
    • Published: Mar. 12, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-5399

    Memory safety bugs were reported in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52 and Thunder... Read more

    Affected Products : firefox thunderbird
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5397

    The cache directory on the local file system is set to be world writable. Firefox defaults to extracting libraries from this cache. This allows for the possibility of an installed malicious application or tools with write access to the file system to repl... Read more

    Affected Products : firefox
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2017-5226

    When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox.... Read more

    Affected Products : bubblewrap
    • Published: Mar. 29, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-5173

    An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not ... Read more

    • Published: May. 19, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 292767 Results