Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2017-13854

    An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary cod... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • EPSS Score: %0.24
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-13853

    An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "AppleGraphicsControl" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corrup... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.25
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-13851

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "DesktopServices" component. It allows local users to bypass intended access restrictions on home folder files.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.05
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2017-13850

    An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Font Importer" component. It allows remote attackers to cause a denial of service (memory corruption) or obtain sensitive information from process... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.32
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-13839

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Spotlight" component. It allows local users to see results for other users' files.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.05
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-13837

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Installer" component. It does not properly restrict an app's entitlements for accessing the FileVault unlock key.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.32
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13835

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS High Sierra 10.13. An application may be able to execute arbitrary code with elevated privileges.... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.37
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-13827

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that performs kext loading.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.23
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-13806

    An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Profiles" component. It does not enforce the configuration profile's settings for whether pairings are allowed.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.19
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-13719

    The Amcrest IPM-721S Amcrest_IPC-AWXX_Eng_N_V2.420.AC00.17.R.20170322 allows HTTP requests that permit enabling various functionalities of the camera by using HTTP APIs, instead of the web management interface that is provided by the application. This HTT... Read more

    Affected Products : ipm-721s_firmware ipm-721s
    • EPSS Score: %2.61
    • Published: Jul. 03, 2019
    • Modified: Nov. 21, 2024

  • 8.0

    HIGH
    CVE-2017-13718

    The HTTP API supported by Starry Station (aka Starry Router) allows brute forcing the PIN setup by the user on the device, and this allows an attacker to change the Wi-Fi settings and PIN, as well as port forward and expose any internal device's port to t... Read more

    Affected Products : s00111_firmware s00111
    • EPSS Score: %1.64
    • Published: Jun. 10, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-13717

    Starry Station (aka Starry Router) sets the Access-Control-Allow-Origin header to "*". This allows any hosted file on any domain to make calls to the device's webserver and brute force the credentials and pull any information that is stored on the device.... Read more

    Affected Products : s00111_firmware s00111
    • EPSS Score: %2.16
    • Published: Jun. 10, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-13696

    A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit ... Read more

    Affected Products : dupscout syncbreeze diskpulse disksavvy
    • EPSS Score: %76.92
    • Published: Jan. 24, 2018
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2017-13678

    Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can inject arbitrary JavaScript code in the management console web client application.... Read more

    • EPSS Score: %0.31
    • Published: Apr. 11, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-13677

    Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A remote attacker can use crafted HTTP/HTTPS requests to cause denial-of-service through management console application crashes.... Read more

    • EPSS Score: %7.19
    • Published: Apr. 11, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-13668

    OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).... Read more

    Affected Products : open-xchange_appsuite
    • EPSS Score: %0.34
    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2017-13667

    OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF.... Read more

    Affected Products : open-xchange_appsuite
    • EPSS Score: %0.38
    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-13652

    NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are susceptible to clickjacking attacks which could cause a user to perform an unintended action in the user interface.... Read more

    Affected Products : oncommand_insight
    • EPSS Score: %0.26
    • Published: Jul. 31, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-13307

    A elevation of privilege vulnerability in the Upstream kernel pci sysfs. Product: Android. Versions: Android kernel. Android ID: A-69128924.... Read more

    Affected Products : android
    • EPSS Score: %0.10
    • Published: Apr. 04, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-13306

    A elevation of privilege vulnerability in the Upstream kernel mnh driver. Product: Android. Versions: Android kernel. Android ID: A-70295063.... Read more

    Affected Products : android
    • EPSS Score: %0.10
    • Published: Apr. 04, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291808 Results