Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2017-11088

    Improper Input Validation in Linux io-prefetch in Snapdragon Mobile and Snapdragon Wear, A SQL injection vulnerability exists in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 835, SD 845.... Read more

    • EPSS Score: %0.26
    • Published: Jul. 06, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-11087

    libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android copies the output buffer to an application with the "filled length", which is larger than the output buffer's actual size, leading to an information disclosure problem in the context of me... Read more

    Affected Products : android
    • EPSS Score: %0.12
    • Published: Mar. 30, 2018
    • Modified: Nov. 21, 2024

  • 7.0

    HIGH
    CVE-2017-11082

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in a firmware loading routine, a buffer overflow could potentially occur if multiple user space threads try to update t... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Mar. 16, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-11081

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a potential buffer overflow vulnerability in hdd_parse_setrmcenable_command and hdd_parse_setrmcactionperiod_command APIs as buffers d... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-11080

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a user supplied sparse image, a buffer overflow vulnerability could occur if the sparse header block size is equal to 42949672... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-11079

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing sparse image, uninitialized heap memory can potentially be flashed due to the lack of validation of sparse image block header ... Read more

    Affected Products : android
    • EPSS Score: %0.16
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-11078

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the boot image header, an out of bounds read can occur in boot.... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Nov. 27, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-11075

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if cmd_pkt and reg_pkt are called from different userspace threads, a use after free conditi... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-11074

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is an obsolete set/reset ssid hotlist API.... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Mar. 16, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-11072

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while calculating CRC for GPT header fields with partition entries greater than 16384 buffer overflow occurs.... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Jan. 16, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-11069

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, manipulation of SafeSwitch Image data can result in Heap overflow.... Read more

    Affected Products : android
    • EPSS Score: %0.07
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-11066

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing ubi image an uninitialized memory could be accessed.... Read more

    Affected Products : android
    • EPSS Score: %0.12
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-11011

    In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 835, a Use After Free condition can occur in a communication API.... Read more

    • EPSS Score: %0.26
    • Published: Apr. 11, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-11010

    In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 625, SD 650/52, SD 835, access control left a configuration space unprotected.... Read more

    Affected Products : android
    • EPSS Score: %0.58
    • Published: Mar. 30, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-11004

    A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430... Read more

    • EPSS Score: %0.05
    • Published: Jan. 03, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-11003

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating a firmware image, data is read from flash into RAM without checking that the data fits into allotted RAM size.... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-10992

    In HPE Storage Essentials 9.5.0.142, there is Unauthenticated Java Deserialization with remote code execution via OS commands in a request to invoker/JMXInvokerServlet, aka PSRT110461.... Read more

    Affected Products : storage_essentials
    • EPSS Score: %2.86
    • Published: Mar. 10, 2020
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2017-10963

    In Knox SDS IAM (Identity Access Management) and EMM (Enterprise Mobility Management) 16.11 on Samsung mobile devices, a man-in-the-middle attacker can install any application into the Knox container (without the user's knowledge) by inspecting network tr... Read more

    • EPSS Score: %0.27
    • Published: Feb. 20, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-10937

    SQL injection vulnerability in all versions prior to V2.01.05.09 of the ZTE ZXIPTV-UCM product allows remote attackers to execute arbitrary SQL commands via the opertype parameter, resulting in the disclosure of database information.... Read more

    Affected Products : zxiptv-ucm_firmware zxiptv-ucm
    • EPSS Score: %0.31
    • Published: Jul. 25, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-10936

    SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure of database information.... Read more

    Affected Products : zxcdn-sns_firmware zxcdn-sns
    • EPSS Score: %0.31
    • Published: Jul. 25, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291526 Results