Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.8

    MEDIUM
    CVE-2017-12610

    In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementat... Read more

    Affected Products : kafka
    • EPSS Score: %0.13
    • Published: Jul. 26, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-12590

    ASUS RT-N14UHP devices before 3.0.0.4.380.8015 have a reflected XSS vulnerability in the "flag" parameter.... Read more

    Affected Products : rt-n14uhp_firmware rt-n14uhp
    • EPSS Score: %0.24
    • Published: Mar. 16, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-12580

    An issue was discovered in IDM UltraEdit through 24.10.0.32. To exploit the vulnerability, on unpatched Windows systems, an attacker could include in the same directory as the affected executable a DLL using the name of a Windows DLL. This DLL must be pre... Read more

    Affected Products : ultraedit
    • EPSS Score: %0.05
    • Published: Mar. 02, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-12577

    An issue was discovered on the PLANEX CS-QR20 1.30. A hardcoded account / password ("admin:password") is used in the Android application that allows attackers to use a hidden API URL "/goform/SystemCommand" to execute any command with root permission.... Read more

    • EPSS Score: %0.39
    • Published: Aug. 24, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2017-12576

    An issue was discovered on the PLANEX CS-QR20 1.30. A hidden and undocumented management page allows an attacker to execute arbitrary code on the device when the user is authenticated. The management page was used for debugging purposes, once you login an... Read more

    Affected Products : cs-qr20_firmware cs-qr20
    • EPSS Score: %0.57
    • Published: Aug. 24, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-12575

    An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router has a set of web service APIs for access to and setup of the configuration. Some APIs don't require authentication. An attacker could exploit this vulnerability by sending a crafted HTTP... Read more

    Affected Products : wg2600hp2_firmware wg2600hp2
    • EPSS Score: %0.68
    • Published: Aug. 24, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-12574

    An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows attackers to gain unauthorized ac... Read more

    Affected Products : cs-w50hd_firmware cs-w50hd
    • EPSS Score: %0.42
    • Published: Aug. 24, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2017-12573

    An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. The device has a command-injection vulnerability in the web management UI on NAS settings page "/cgi-bin/nasset.cgi". An attacker can send a crafted HTTP POST request to execu... Read more

    Affected Products : cs-w50hd_firmware cs-w50hd
    • EPSS Score: %0.86
    • Published: Aug. 24, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-12561

    A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT version Plat 7.3 E0504P4 and earlier was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %56.13
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2017-12560

    A Remote Denial of Service vulnerability in HPE Intelligent Management Center (iMC) PLAT version iMC Plat 7.3 E0504P2 was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %0.82
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2017-12559

    A Remote Denial of Service vulnerability in HPE Intelligent Management Center (iMC) PLAT version iMC Plat 7.3 E0504P2 was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %0.82
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-12558

    A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %56.04
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-12557

    A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %86.67
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-12556

    A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %56.04
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2017-12555

    A remote arbitrary file download and disclosure of information vulnerability in HPE Intelligent Management Center (iMC) Service Operation Management (SOM) version IMC SOM 7.3 E0501 was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %0.60
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2017-12554

    A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT iMC Plat 7.3 E0504P2 and earlier was found.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %5.70
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2017-12553

    A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.... Read more

    • EPSS Score: %0.10
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2017-12552

    A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.... Read more

    • EPSS Score: %0.06
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2017-12551

    A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.... Read more

    • EPSS Score: %0.06
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2017-12550

    A local security misconfiguration vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.... Read more

    • EPSS Score: %0.06
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291562 Results