Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, listed in the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 7.8

    HIGH
    CVE-2017-11080

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a user supplied sparse image, a buffer overflow vulnerability could occur if the sparse header block size is equal to 42949672...

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2017-11079

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a sparse image, uninitialized heap memory can potentially be flashed due to the lack of validation of sparse image block header ...

    Affected Products : android
    • EPSS Score: %0.16
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2017-11078

    In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, while processing the boot image header, an out-of-bounds read can occur in boot....

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Nov. 27, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2017-11075

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if cmd_pkt and reg_pkt are called from different userspace threads, a use after free conditi...

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2017-11074

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is an obsolete set/reset ssid hotlist API....

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Mar. 16, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2017-11072

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while calculating the CRC for GPT header fields with partition entries greater than 16384, a buffer overflow occurs....

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Jan. 16, 2018
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2017-11069

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, manipulation of SafeSwitch Image data can result in a heap overflow....

    Affected Products : android
    • EPSS Score: %0.07
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2017-11066

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a UBI image, uninitialized memory could be accessed....

    Affected Products : android
    • EPSS Score: %0.12
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2017-11011

    In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 835, a Use After Free condition can occur in a communication API....

    • EPSS Score: %0.26
    • Published: Apr. 11, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2017-11010

    In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 625, SD 650/52, SD 835, access control left a configuration space unprotected....

    Affected Products : android
    • EPSS Score: %0.58
    • Published: Mar. 30, 2018
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2017-11004

    A non-secure user may be able to access certain registers in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430...

    • EPSS Score: %0.05
    • Published: Jan. 03, 2019
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2017-11003

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating a firmware image, data is read from flash into RAM without checking that the data fits into allotted RAM size....

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2017-10992

    In HPE Storage Essentials 9.5.0.142, there is Unauthenticated Java Deserialization with remote code execution via OS commands in a request to invoker/JMXInvokerServlet, aka PSRT110461....

    Affected Products : storage_essentials
    • EPSS Score: %2.86
    • Published: Mar. 10, 2020
    • Modified: Nov. 21, 2024
  • 5.9

    MEDIUM
    CVE-2017-10963

    In Knox SDS IAM (Identity Access Management) and EMM (Enterprise Mobility Management) 16.11 on Samsung mobile devices, a man-in-the-middle attacker can install any application into the Knox container (without the user's knowledge) by inspecting network tr...

    • EPSS Score: %0.27
    • Published: Feb. 20, 2018
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2017-10937

    SQL injection vulnerability in all versions prior to V2.01.05.09 of the ZTE ZXIPTV-UCM product allows remote attackers to execute arbitrary SQL commands via the opertype parameter, resulting in the disclosure of database information....

    Affected Products : zxiptv-ucm_firmware zxiptv-ucm
    • EPSS Score: %0.31
    • Published: Jul. 25, 2018
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2017-10936

    SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure of database information....

    Affected Products : zxcdn-sns_firmware zxcdn-sns
    • EPSS Score: %0.31
    • Published: Jul. 25, 2018
    • Modified: Nov. 21, 2024
  • 7.2

    HIGH
    CVE-2017-10935

    All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products allow remote authenticated users to bypass the original password authentication protection to change other users' passwords....

    • EPSS Score: %0.45
    • Published: Jul. 25, 2018
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2017-10934

    All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker ca...

    Affected Products : zxiptv-epg_firmware zxiptv-epg
    • EPSS Score: %9.77
    • Published: Jul. 25, 2018
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2017-10854

    Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypass authentication and change the login password via unspecified vectors....

    Affected Products : cg-wgr_1200_firmware cg-wgr_1200
    • EPSS Score: %0.17
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2017-10853

    Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to execute arbitrary commands via unspecified vectors....

    Affected Products : cg-wgr_1200_firmware cg-wgr_1200
    • EPSS Score: %0.22
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291562 Results