Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2017-2858

    An exploitable denial-of-service vulnerability exists in the traversal of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicio... Read more

    Affected Products : xltek_neuroworks
    • Published: Jun. 01, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-2857

    An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully... Read more

    Affected Products : c1_firmware c1
    • Published: Sep. 17, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-2856

    An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully... Read more

    Affected Products : c1_firmware c1
    • Published: Sep. 17, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-2855

    An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully... Read more

    Affected Products : c1_firmware c1
    • Published: Sep. 19, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-2854

    An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully... Read more

    Affected Products : c1_firmware c1
    • Published: Sep. 17, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2017-2853

    An exploitable Code Execution vulnerability exists in the RequestForPatientInfoEEGfile functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in arbitrary command execution. An attacker ca... Read more

    Affected Products : xltek_neuroworks
    • Published: Apr. 05, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-2852

    An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a m... Read more

    Affected Products : xltek_neuroworks
    • Published: Jun. 01, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-2840

    A buffer overflow vulnerability exists in the ISO parsing functionality of EZB Systems UltraISO 9.6.6.3300. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can provide a specific .ISO file to trig... Read more

    Affected Products : ultraiso
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-2839

    An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker c... Read more

    Affected Products : debian_linux freerdp
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-2838

    An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker c... Read more

    Affected Products : debian_linux freerdp
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-2837

    An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can c... Read more

    Affected Products : debian_linux freerdp
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-2836

    An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. ... Read more

    Affected Products : debian_linux freerdp
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-2835

    An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise th... Read more

    Affected Products : debian_linux freerdp
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-2834

    An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise... Read more

    Affected Products : debian_linux freerdp
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-2833

    An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters... Read more

    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2017-2832

    An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters... Read more

    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2017-2826

    An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy, resulting in information d... Read more

    Affected Products : debian_linux zabbix
    • Published: Apr. 09, 2018
    • Modified: Nov. 21, 2024

  • 7.0

    HIGH
    CVE-2017-2825

    In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. An attacker can set up a Man-in-the-Middle server to alter trapper requests made between an active Zabb... Read more

    Affected Products : debian_linux zabbix
    • Published: Apr. 20, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2017-2815

    An exploitable XML entity injection vulnerability exists in OpenFire User Import Export Plugin 2.6.0. A specially crafted web request can cause the retrieval of arbitrary files or denial of service. An authenticated attacker can send a crafted web request... Read more

    Affected Products : user_import_export
    • Published: May. 15, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-2812

    A code execution vulnerability exists in the kdu_buffered_expand function of the Kakadu SDK 7.9. A specially crafted JPEG 2000 file can be read by the program and can lead to an out of bounds write causing an exploitable condition to arise.... Read more

    Affected Products : kakadu_sdk
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293288 Results