Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2018-11706

    FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578dd8, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.... Read more

    Affected Products : image_viewer
    • Published: Jun. 20, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-11705

    FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cc4, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.... Read more

    Affected Products : image_viewer
    • Published: Jun. 20, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-11704

    FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d7d, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.... Read more

    Affected Products : image_viewer
    • Published: Jun. 20, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-11703

    FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.... Read more

    Affected Products : image_viewer
    • Published: Jun. 20, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-11702

    FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cb3, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.... Read more

    Affected Products : image_viewer
    • Published: Jun. 20, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-11701

    FastStone Image Viewer 6.2 has a User Mode Write AV at 0x005cb509, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.... Read more

    Affected Products : image_viewer
    • Published: Jun. 20, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2018-11698

    An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a d... Read more

    Affected Products : libsass
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2018-11697

    An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::exactly() which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory caus... Read more

    Affected Products : libsass
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-11696

    An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impa... Read more

    Affected Products : libsass
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-11695

    An issue was discovered in LibSass <3.5.3. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact.... Read more

    Affected Products : libsass
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-11694

    An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified o... Read more

    Affected Products : libsass
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2018-11693

    An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memo... Read more

    Affected Products : libsass
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-11692

    An issue was discovered on Canon LBP6650, LBP3370, LBP3460, and LBP7750C devices. It is possible to bypass the Administrator Mode authentication for /tlogin.cgi via vectors involving frame.cgi?page=DevStatus. NOTE: the vendor reportedly responded that thi... Read more

    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-11691

    Emerson DeltaV Smart Switch Command Center application, available in versions 11.3.x and 12.3.1, was unable to change the DeltaV Smart Switches’ management password upon commissioning. Emerson released patches for DeltaV workstations to address this issue... Read more

    Affected Products : ve6046_firmware ve6046
    • Published: May. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2018-11690

    The Balbooa Gridbox extension version 2.4.0 and previous versions for Joomla! is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability via a crafted URL to execute scri... Read more

    Affected Products : gridbox
    • Published: Jun. 14, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2018-11689

    Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsung to Hanwha.)... Read more

    • Published: Jun. 14, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2018-11688

    Ignite Realtime Openfire before 3.9.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability via a crafted URL to execute script in a victim's Web browser within the ... Read more

    Affected Products : openfire
    • Published: Jun. 13, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2018-11687

    An integer overflow in the distributeBTR function of a smart contract implementation for Bitcoin Red (BTCR), an Ethereum ERC20 token, allows the owner to accomplish an unauthorized increase of digital assets by providing a large address[] array, as exploi... Read more

    Affected Products : bitcoin_red
    • Published: Aug. 15, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2018-11686

    The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_config.php.... Read more

    Affected Products : flexpaper
    • Published: Jul. 03, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-11685

    Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c.... Read more

    Affected Products : ubuntu_linux leap liblouis
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 294335 Results