Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2017-12465

    Multiple integer overflows in CCN-lite before 2.00 allow context-dependent attackers to have unspecified impact via vectors involving the (1) vallen variable in the iottlv_parse_sequence function or (2) typ, vallen and i variables in the localrpc_parse fu... Read more

    Affected Products : ccn-lite
    • EPSS Score: %0.41
    • Published: Feb. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-12464

    ccn-lite-valid.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via vectors involving the keyfile variable.... Read more

    Affected Products : ccn-lite
    • EPSS Score: %0.34
    • Published: Feb. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-12463

    Memory leak in the ccnl_app_RX function in ccnl-uapi.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (memory consumption) via vectors involving an envelope_s structure pointer when the packet format is unknown.... Read more

    Affected Products : ccn-lite
    • EPSS Score: %0.33
    • Published: Feb. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-12447

    GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus 3.14.3 on Ubuntu 16.04, allows attackers to cause a denial of service (stack corruption) or possibly have unspecified other impact via a crafted file folder.... Read more

    Affected Products : ubuntu_linux gdk-pixbuf nautilus
    • EPSS Score: %0.20
    • Published: Mar. 07, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-12415

    OXID eShop Community Edition before 6.0.0 RC2 (development), 4.10.x before 4.10.5 (maintenance), and 4.9.x before 4.9.10 (legacy), Enterprise Edition before 6.0.0 RC2 (development), 5.2.x before 5.2.10 (legacy), and 5.3.x before 5.3.5 (maintenance), and P... Read more

    Affected Products : eshop
    • EPSS Score: %0.11
    • Published: Feb. 20, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-12412

    ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent attackers to have unspecified impact via a crafted file, which triggers infinite recursion and a stack overflow.... Read more

    Affected Products : ccn-lite
    • EPSS Score: %0.25
    • Published: Feb. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2017-12410

    It is possible to exploit a Time of Check & Time of Use (TOCTOU) vulnerability by winning a race condition when Kaseya Virtual System Administrator agent 9.3.0.11 and earlier tries to execute its binaries from working and/or temporary folders. Successful ... Read more

    Affected Products : virtual_system_administrator
    • EPSS Score: %0.04
    • Published: Mar. 26, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-12380

    ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation chec... Read more

    Affected Products : debian_linux clamav
    • EPSS Score: %8.13
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-12379

    ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is... Read more

    Affected Products : debian_linux clamav
    • EPSS Score: %22.23
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2017-12378

    ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation chec... Read more

    Affected Products : debian_linux clamav
    • EPSS Score: %2.95
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-12377

    ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is... Read more

    Affected Products : debian_linux clamav
    • EPSS Score: %27.08
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-12376

    ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is... Read more

    Affected Products : debian_linux clamav
    • EPSS Score: %17.66
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-12375

    The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation... Read more

    Affected Products : debian_linux clamav
    • EPSS Score: %5.83
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-12374

    The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation... Read more

    Affected Products : debian_linux clamav
    • EPSS Score: %6.34
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-12310

    A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an unauthenticated, remote attacker to view sensitive information in the unencrypted headers of an HTTP method request. The attacker could use this information ... Read more

    Affected Products : spark_hybrid_calendar_service
    • EPSS Score: %0.29
    • Published: Mar. 27, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-12308

    A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack against a user of the web interface of an affected system. The vulnerabilit... Read more

    • EPSS Score: %0.24
    • Published: Jan. 18, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-12307

    A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system. The ... Read more

    • EPSS Score: %0.18
    • Published: Jan. 18, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-12197

    It was found that libpam4j up to and including 1.8 did not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information.... Read more

    Affected Products : enterprise_linux debian_linux libpam4j
    • EPSS Score: %0.43
    • Published: Jan. 18, 2018
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2017-12196

    undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not ensure that the value of URI in the Authorization header matches the URI in HTTP request line. This allows the attack... Read more

    • EPSS Score: %0.23
    • Published: Apr. 18, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2017-12195

    A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin. An attacker with knowledge of the given name used to authenticate and access Elasticsearch can later access it without the token, bypassing authentication. Thi... Read more

    • EPSS Score: %0.20
    • Published: Jul. 27, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291551 Results