Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

9.0

HIGH

CVE-2017-15622

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file....

Affected Products : er5110g_firmware er5120g_firmware er5510g_firmware er5520g_firmware r4149g_firmware r4239g_firmware r4299g_firmware r473gp-ac_firmware r473g_firmware r473p-ac_firmware +66 more products
Published: Jan. 11, 2018

Modified: Nov. 21, 2024
9.0

HIGH

CVE-2017-15621

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file....

Affected Products : er5110g_firmware er5120g_firmware er5510g_firmware er5520g_firmware r4149g_firmware r4239g_firmware r4299g_firmware r473gp-ac_firmware r473g_firmware r473p-ac_firmware +66 more products
Published: Jan. 11, 2018

Modified: Nov. 21, 2024
9.0

HIGH

CVE-2017-15620

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file....

Affected Products : er5110g_firmware er5120g_firmware er5510g_firmware er5520g_firmware r4149g_firmware r4239g_firmware r4299g_firmware r473gp-ac_firmware r473g_firmware r473p-ac_firmware +66 more products
Published: Jan. 11, 2018

Modified: Nov. 21, 2024
9.0

HIGH

CVE-2017-15619

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file....

Affected Products : er5110g_firmware er5120g_firmware er5510g_firmware er5520g_firmware r4149g_firmware r4239g_firmware r4299g_firmware r473gp-ac_firmware r473g_firmware r473p-ac_firmware +66 more products
Published: Jan. 11, 2018

Modified: Nov. 21, 2024
9.0

HIGH

CVE-2017-15618

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file....

Affected Products : er5110g_firmware er5120g_firmware er5510g_firmware er5520g_firmware r4149g_firmware r4239g_firmware r4299g_firmware r473gp-ac_firmware r473g_firmware r473p-ac_firmware +66 more products
Published: Jan. 11, 2018

Modified: Nov. 21, 2024
9.0

HIGH

CVE-2017-15617

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file....

Affected Products : er5110g_firmware er5120g_firmware er5510g_firmware er5520g_firmware r4149g_firmware r4239g_firmware r4299g_firmware r473gp-ac_firmware r473g_firmware r473p-ac_firmware +66 more products
Published: Jan. 11, 2018

Modified: Nov. 21, 2024
9.0

HIGH

CVE-2017-15616

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file....

Affected Products : er5110g_firmware er5120g_firmware er5510g_firmware er5520g_firmware r4149g_firmware r4239g_firmware r4299g_firmware r473gp-ac_firmware r473g_firmware r473p-ac_firmware +66 more products
Published: Jan. 11, 2018

Modified: Nov. 21, 2024
9.0

HIGH

CVE-2017-15615

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file....

Affected Products : er5110g_firmware er5120g_firmware er5510g_firmware er5520g_firmware r4149g_firmware r4239g_firmware r4299g_firmware r473gp-ac_firmware r473g_firmware r473p-ac_firmware +66 more products
Published: Jan. 11, 2018

Modified: Nov. 21, 2024
9.0

HIGH

CVE-2017-15614

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file....

Affected Products : er5110g_firmware er5120g_firmware er5510g_firmware er5520g_firmware r4149g_firmware r4239g_firmware r4299g_firmware r473gp-ac_firmware r473g_firmware r473p-ac_firmware +66 more products
Published: Jan. 11, 2018

Modified: Nov. 21, 2024
9.0

HIGH

CVE-2017-15613

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file....

Affected Products : er5110g_firmware er5120g_firmware er5510g_firmware er5520g_firmware r4149g_firmware r4239g_firmware r4299g_firmware r473gp-ac_firmware r473g_firmware r473p-ac_firmware +66 more products
Published: Jan. 11, 2018

Modified: Nov. 21, 2024
6.5

MEDIUM

CVE-2017-15608

Inedo ProGet before 5.0 Beta5 has CSRF, allowing an attacker to change advanced settings....

Affected Products : proget
Published: Sep. 26, 2018

Modified: Nov. 21, 2024
9.0

HIGH

CVE-2017-15550

An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could acce...

Affected Products : networker avamar_server integrated_data_protection_appliance
Published: Jan. 05, 2018

Modified: Nov. 21, 2024
9.0

HIGH

CVE-2017-15549

An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could pote...

Affected Products : networker avamar_server integrated_data_protection_appliance
Published: Jan. 05, 2018

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2017-15548

An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass appli...

Affected Products : networker avamar_server integrated_data_protection_appliance
Published: Jan. 05, 2018

Modified: Nov. 21, 2024
4.3

MEDIUM

CVE-2017-15546

The Security Console in EMC RSA Authentication Manager 8.2 SP1 P6 and earlier is affected by a blind SQL injection vulnerability. Authenticated malicious users could potentially exploit this vulnerability to read any unencrypted data from the database....

Affected Products : rsa_authentication_manager authentication_manager
Published: Jan. 25, 2018

Modified: Nov. 21, 2024
8.8

HIGH

CVE-2017-15536

An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0. Several web application vulnerabilities allow malicious authenticated users of CDSW to escalate privileges in CDSW. CDSW users can exploit these vulnerabilities in combina...

Affected Products : data_science_workbench
Published: Feb. 05, 2018

Modified: Nov. 21, 2024
7.2

HIGH

CVE-2017-15534

The Norton App Lock prior to version 1.3.0.13 can be susceptible to an authentication bypass exploit. In this type of circumstance, the exploit can allow the user to kill the app to prevent it from locking the device, thereby allowing the individual to ga...

Affected Products : norton_app_lock
Published: Mar. 26, 2018

Modified: Nov. 21, 2024
5.9

MEDIUM

CVE-2017-15533

Symantec SSL Visibility (SSLV) 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, and 3.12 prior to 3.12.2.1 are vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. All affected SSLV versions act as weak oracles according the oracle classific...

Affected Products : ssl_visibility_appliance ssl_visibility
Published: May. 17, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2017-15531

Symantec Reporter 9.5 prior to 9.5.4.1 and 10.1 prior to 10.1.5.5 does not restrict excessive authentication attempts for management interface users. A remote attacker can use brute force search to guess a user password and gain access to Reporter....

Affected Products : reporter
Published: Jan. 23, 2018

Modified: Nov. 21, 2024
7.2

HIGH

CVE-2017-15519

Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 f...

Affected Products : snapcenter snapcenter_server
Published: Mar. 06, 2018

Modified: Nov. 21, 2024

Showing 20 of 292834 Results

Browse by Apps

Latest CVE Feed

9.0

9.0

9.0

9.0

9.0

9.0

9.0

9.0

9.0

9.0

6.5

9.0

9.0

10.0

4.3

8.8

7.2

5.9

9.8

7.2

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable