Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 7.5

    HIGH
    CVE-2017-12467

    Memory leak in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (memory consumption) by leveraging failure to allocate memory for the comp or complen structure member....

    Affected Products : ccn-lite
    • EPSS Score: %0.33
    • Published: Feb. 07, 2018
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2017-12466

    CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors related to ssl_halen when running ccn-lite-sim, which trigger an out-of-bounds access....

    Affected Products : ccn-lite
    • EPSS Score: %0.41
    • Published: Feb. 07, 2018
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2017-12465

    Multiple integer overflows in CCN-lite before 2.00 allow context-dependent attackers to have unspecified impact via vectors involving the (1) vallen variable in the iottlv_parse_sequence function or (2) typ, vallen and i variables in the localrpc_parse fu...

    Affected Products : ccn-lite
    • EPSS Score: %0.41
    • Published: Feb. 07, 2018
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2017-12464

    ccn-lite-valid.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via vectors involving the keyfile variable....

    Affected Products : ccn-lite
    • EPSS Score: %0.34
    • Published: Feb. 07, 2018
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2017-12463

    Memory leak in the ccnl_app_RX function in ccnl-uapi.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (memory consumption) via vectors involving an envelope_s structure pointer when the packet format is unknown....

    Affected Products : ccn-lite
    • EPSS Score: %0.33
    • Published: Feb. 07, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2017-12447

    GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus 3.14.3 on Ubuntu 16.04, allows attackers to cause a denial of service (stack corruption) or possibly have unspecified other impact via a crafted file folder....

    Affected Products : ubuntu_linux gdk-pixbuf nautilus
    • EPSS Score: %0.20
    • Published: Mar. 07, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2017-12415

    OXID eShop Community Edition before 6.0.0 RC2 (development), 4.10.x before 4.10.5 (maintenance), and 4.9.x before 4.9.10 (legacy), Enterprise Edition before 6.0.0 RC2 (development), 5.2.x before 5.2.10 (legacy), and 5.3.x before 5.3.5 (maintenance), and P...

    Affected Products : eshop
    • EPSS Score: %0.11
    • Published: Feb. 20, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2017-12412

    ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent attackers to have unspecified impact via a crafted file, which triggers infinite recursion and a stack overflow....

    Affected Products : ccn-lite
    • EPSS Score: %0.25
    • Published: Feb. 07, 2018
    • Modified: Nov. 21, 2024
  • 7.4

    HIGH
    CVE-2017-12410

    It is possible to exploit a Time of Check & Time of Use (TOCTOU) vulnerability by winning a race condition when Kaseya Virtual System Administrator agent 9.3.0.11 and earlier tries to execute its binaries from working and/or temporary folders. Successful ...

    Affected Products : virtual_system_administrator
    • EPSS Score: %0.04
    • Published: Mar. 26, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2017-12380

    ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation chec...

    Affected Products : debian_linux clamav
    • EPSS Score: %8.13
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2017-12379

    ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is...

    Affected Products : debian_linux clamav
    • EPSS Score: %22.23
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024
  • 7.1

    HIGH
    CVE-2017-12378

    ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation chec...

    Affected Products : debian_linux clamav
    • EPSS Score: %2.95
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2017-12377

    ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is...

    Affected Products : debian_linux clamav
    • EPSS Score: %27.08
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2017-12376

    ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is...

    Affected Products : debian_linux clamav
    • EPSS Score: %17.66
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2017-12375

    The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation...

    Affected Products : debian_linux clamav
    • EPSS Score: %5.83
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2017-12374

    The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation...

    Affected Products : debian_linux clamav
    • EPSS Score: %6.34
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2017-12310

    A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an unauthenticated, remote attacker to view sensitive information in the unencrypted headers of an HTTP method request. The attacker could use this information ...

    Affected Products : spark_hybrid_calendar_service
    • EPSS Score: %0.29
    • Published: Mar. 27, 2018
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2017-12308

    A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack against a user of the web interface of an affected system. The vulnerabilit...

    • EPSS Score: %0.24
    • Published: Jan. 18, 2018
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2017-12307

    A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system. The ...

    • EPSS Score: %0.18
    • Published: Jan. 18, 2018
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2017-12197

    It was found that libpam4j up to and including 1.8 did not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information....

    Affected Products : enterprise_linux debian_linux libpam4j
    • EPSS Score: %0.43
    • Published: Jan. 18, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291736 Results