Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2017-14452

    An exploitable buffer overflow vulnerability exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global sec... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.38
    • Published: Aug. 23, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2017-14451

    An exploitable out-of-bounds read vulnerability exists in libevm (Ethereum Virtual Machine) of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read which can subsequently trigger an out-of-bounds write resulting in remote ... Read more

    Affected Products : ethereum
    • EPSS Score: %2.65
    • Published: Dec. 02, 2020
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2017-14450

    A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability.... Read more

    Affected Products : debian_linux sdl_image
    • EPSS Score: %0.77
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-14449

    A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability.... Read more

    Affected Products : debian_linux sdl_image
    • EPSS Score: %0.67
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-14448

    An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trig... Read more

    Affected Products : debian_linux sdl_image
    • EPSS Score: %1.63
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.5

    HIGH
    CVE-2017-14447

    An exploitable buffer overflow vulnerability exists in the PubNub message handler for the 'ad' channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwri... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.58
    • Published: Aug. 06, 2018
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2017-14446

    An exploitable stack-based buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation unsafely extracts parameters from the query string, leading to a buffer overflow on the stack. An attacker can sen... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.40
    • Published: Aug. 02, 2018
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2017-14445

    An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the host parameter during a firmware update request, leading to a buffer overflow on a global section. An ... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.40
    • Published: Aug. 02, 2018
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2017-14444

    An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the URL parameter during a firmware update request, leading to a buffer overflow on a global section. An a... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.40
    • Published: Aug. 02, 2018
    • Modified: Nov. 21, 2024

  • 9.6

    CRITICAL
    CVE-2017-14443

    An exploitable information leak vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly checks the number of GET parameters supplied, leading to an arbitrarily controlled information leak on the whole ... Read more

    Affected Products : hub_2245-222_firmware hub_2245-222
    • EPSS Score: %0.62
    • Published: Sep. 17, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-14442

    An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to tri... Read more

    Affected Products : debian_linux sdl_image
    • EPSS Score: %1.62
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-14441

    An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display... Read more

    Affected Products : debian_linux sdl_image
    • EPSS Score: %1.38
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-14440

    An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to t... Read more

    Affected Products : debian_linux sdl_image
    • EPSS Score: %2.04
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-14439

    Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4001/tcp to trigger this vulnerab... Read more

    Affected Products : edr-810_firmware edr-810
    • EPSS Score: %1.04
    • Published: May. 14, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-14438

    Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4000/tcp to trigger this vulnerab... Read more

    Affected Products : edr-810_firmware edr-810
    • EPSS Score: %1.04
    • Published: May. 14, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-14437

    An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request... Read more

    Affected Products : edr-810_firmware edr-810
    • EPSS Score: %2.23
    • Published: May. 14, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-14436

    An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request... Read more

    Affected Products : edr-810_firmware edr-810
    • EPSS Score: %2.23
    • Published: May. 14, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-14435

    An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request... Read more

    Affected Products : edr-810_firmware edr-810
    • EPSS Score: %2.23
    • Published: May. 14, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2017-14434

    An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the ... Read more

    Affected Products : edr-810_firmware edr-810
    • EPSS Score: %0.71
    • Published: May. 14, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2017-14433

    An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the ... Read more

    Affected Products : edr-810_firmware edr-810
    • EPSS Score: %0.71
    • Published: May. 14, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 292495 Results