Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.8

    MEDIUM
    CVE-2017-6143

    X509 certificate verification was not correctly implemented in the IP Intelligence Subscription and IP Intelligence feed-list features, and thus the remote server's identity is not properly validated in F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.2, or 11.5.0-11... Read more

    • Published: Apr. 13, 2018
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2017-6142

    X509 certificate verification was not correctly implemented in the early access "user id" feature in the F5 BIG-IP Advanced Firewall Manager versions 13.0.0, 12.1.0-12.1.2, and 11.6.0-11.6.2, and thus did not properly validate the remote server's identity... Read more

    Affected Products : big-ip_advanced_firewall_manager
    • Published: Jan. 19, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-6049

    Detcon Sitewatch Gateway, all versions without cellular, an attacker can edit settings on the device using a specially crafted URL.... Read more

    Affected Products : detcon_sitewatch_gateway
    • Published: Apr. 02, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-6047

    Detcon Sitewatch Gateway, all versions without cellular, Passwords are presented in plaintext in a file that is accessible without authentication.... Read more

    Affected Products : detcon_sitewatch_gateway
    • Published: Apr. 02, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-6021

    In Schneider Electric ClearSCADA 2014 R1 (build 75.5210) and prior, 2014 R1.1 (build 75.5387) and prior, 2015 R1 (build 76.5648) and prior, and 2015 R2 (build 77.5882) and prior, an attacker with network access to the ClearSCADA server can send specially ... Read more

    Affected Products : clearscada clearscada
    • Published: May. 14, 2018
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2017-6020

    Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level.... Read more

    Affected Products : laquis_scada
    • Published: Apr. 17, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-6015

    Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileg... Read more

    Affected Products : factorytalk_activation
    • Published: May. 11, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-5984

    In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read.... Read more

    Affected Products : libav
    • Published: May. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-5971

    SQL injection vulnerability in NewsBee CMS allow remote attackers to execute arbitrary SQL commands.... Read more

    Affected Products : newsbee
    • Published: Jan. 08, 2018
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2017-5947

    An issue was discovered in OnePlus One, X, 2, 3, 3T, and 5 devices with OxygenOS 5.0 and earlier. The attacker can reboot the device into the Qualcomm Emergency Download (EDL) mode through ADB or by using Volume-Up when connected to USB, which in turn cou... Read more

    • Published: Mar. 29, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-5934

    Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : ubuntu_linux debian_linux leap moinmoin
    • Published: Oct. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2017-5871

    Odoo Version <= 8.0-20160726 and Version 9 is affected by: CWE-601: Open redirection. The impact is: obtain sensitive information (remote).... Read more

    Affected Products : odoo
    • Published: May. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-5864

    Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS).... Read more

    Affected Products : open-xchange_appsuite
    • Published: May. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-5863

    Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.... Read more

    Affected Products : open-xchange_appsuite
    • Published: May. 22, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-5829

    An access restriction bypass vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.... Read more

    Affected Products : aruba_clearpass_policy_manager
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2017-5828

    An arbitrary command execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.... Read more

    Affected Products : aruba_clearpass_policy_manager
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-5827

    A reflected cross site scripting vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.... Read more

    Affected Products : aruba_clearpass_policy_manager
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-5826

    An authenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.... Read more

    Affected Products : aruba_clearpass_policy_manager
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-5825

    A privilege escalation vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.... Read more

    Affected Products : aruba_clearpass_policy_manager
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-5824

    An unauthenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.... Read more

    Affected Products : aruba_clearpass_policy_manager
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293360 Results