Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2017-8408

    An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the GET parameters passed in this request (to test if SMB credentials ... Read more

    Affected Products : dcs-1130_firmware dcs-1130
    • Published: Jul. 02, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-8407

    An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device does not implement any cross-site request forgery protect... Read more

    Affected Products : dcs-1130_firmware dcs-1130
    • Published: Jul. 02, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-8406

    An issue was discovered on D-Link DCS-1130 devices. The device provides a crossdomain.xml file with no restrictions on who can access the webserver. This allows an hosted flash file on any domain to make calls to the device's webserver and pull any inform... Read more

    Affected Products : dcs-1130_firmware dcs-1130
    • Published: Jul. 02, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-8405

    An issue was discovered on D-Link DCS-1130 and DCS-1100 devices. The binary rtspd in /sbin folder of the device handles all the rtsp connections received by the device. It seems that the binary loads at address 0x00012CF4 a flag called "Authenticate" that... Read more

    • Published: Jul. 02, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-8404

    An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request (to test if email credentia... Read more

    Affected Products : dcs-1130_firmware dcs-1130
    • Published: Jul. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2017-8341

    Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing.... Read more

    Affected Products : open-xchange_appsuite
    • Published: May. 22, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-8340

    Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.... Read more

    Affected Products : open-xchange_appsuite
    • Published: May. 22, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-8337

    An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of executing various actions on the web management interface. It seems that the device does not implement an... Read more

    • Published: Jun. 18, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-8336

    An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new routes to the device. It seems that the POST parameters passed in this request to set up route... Read more

    • Published: Jun. 18, 2019
    • Modified: Nov. 21, 2024

  • 8.0

    HIGH
    CVE-2017-8335

    An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of setting name for wireless network. These values are stored by the device in NVRAM (Non-volatile RAM). It ... Read more

    • Published: Jun. 18, 2019
    • Modified: Nov. 21, 2024

  • 8.0

    HIGH
    CVE-2017-8334

    An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking IP addresses using the web management interface. It seems that the device does not implement any... Read more

    • Published: Jun. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2017-8333

    An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new routes to the device. It seems that the POST parameters passed in this request to set up route... Read more

    • Published: Jun. 18, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-8332

    An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking key words passing in the web traffic to prevent kids from watching content that might be deemed ... Read more

    • Published: Jun. 18, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-8331

    An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new port forwarding rules to the device. It seems that the POST parameters passed in this request ... Read more

    • Published: Jun. 18, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-8330

    An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the "NewInMessage" SOAP param... Read more

    • Published: Jun. 18, 2019
    • Modified: Nov. 21, 2024

  • 6.4

    MEDIUM
    CVE-2017-8329

    An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of setting a name for the wireless network. These values are stored by the device in NVRAM (Non-volatile RAM... Read more

    • Published: Jun. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-8328

    An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device does not ... Read more

    • Published: Jun. 18, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-8316

    IntelliJ IDEA XML parser was found vulnerable to XML External Entity attack, an attacker can exploit the vulnerability by implementing malicious code on both Androidmanifest.xml.... Read more

    Affected Products : intellij_idea
    • Published: Aug. 03, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-8315

    Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml.... Read more

    Affected Products : ide
    • Published: Apr. 20, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-8276

    Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/... Read more

    • Published: Jan. 18, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 293507 Results