Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2017-14096

    A stored cross site scripting (XSS) vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to execute a malicious payload on vulnerable systems.... Read more

    Affected Products : smart_protection_server
    • Published: Jan. 19, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2017-14095

    A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a local file inclusion on a vulnerable system.... Read more

    Affected Products : smart_protection_server
    • Published: Jan. 19, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-14094

    A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a cron job injection on a vulnerable system.... Read more

    Affected Products : smart_protection_server
    • Published: Jan. 19, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-14082

    An uninitialized pointer information disclosure vulnerability in Trend Micro Mobile Security (Enterprise) versions 9.7 and below could allow an unauthenticated remote attacker to disclosure sensitive information on a vulnerable system.... Read more

    Affected Products : mobile_security
    • Published: Jan. 19, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-14030

    An issue was discovered in Moxa MXview v2.8 and prior. The unquoted service path escalation vulnerability could allow an authorized user with file access to escalate privileges by inserting arbitrary code into the unquoted service path.... Read more

    Affected Products : mxview
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-14026

    In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information.... Read more

    • Published: Sep. 06, 2018
    • Modified: Nov. 21, 2024

  • 4.6

    MEDIUM
    CVE-2017-14014

    Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded cryptographic key to encrypt PHI prior to having it transferred to removable media. CVSS v3 base score: 4.6; CVSS vector string: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.... Read more

    • Published: May. 01, 2018
    • Modified: Nov. 21, 2024

  • 4.6

    MEDIUM
    CVE-2017-14012

    Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score: 4.6; CVSS vector string: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.... Read more

    • Published: May. 01, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-14010

    In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the ... Read more

    • Published: Apr. 26, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-14008

    GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access... Read more

    Affected Products : centricity_pacs_ra1000
    • Published: Mar. 20, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-14006

    GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are affected, these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication an... Read more

    Affected Products : xeleris_firmware xeleris
    • Published: Mar. 20, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-14004

    GE GEMNet License server (EchoServer) all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected... Read more

    Affected Products : gemnet_license_server
    • Published: Mar. 20, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-14002

    GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain ac... Read more

    • Published: Mar. 20, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-13911

    A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS X El Capitan 10.11.6 Security Update 2018-002, macOS Sierra 10.12.6 Security Update 2018-002, macOS High Sierra 10.13.2.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-13910

    An access issue was addressed with additional sandbox restrictions on applications. This issue is fixed in macOS High Sierra 10.13. An application may be able to access restricted files.... Read more

    Affected Products : macos mac_os_x
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-13909

    An issue existed in the storage of sensitive tokens. This issue was addressed by placing the tokens in Keychain. This issue is fixed in macOS High Sierra 10.13. A local attacker may gain access to iCloud authentication tokens.... Read more

    Affected Products : macos mac_os_x
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13908

    An issue in handling file permissions was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, macOS High Sierra 10.13. A local attacker may be able... Read more

    Affected Products : macos mac_os_x
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2017-13907

    A state management issue was addressed with improved state validation. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan. The screen lock may unexpectedly remain unlocked.... Read more

    Affected Products : macos mac_os_x
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13906

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, macOS High Sierra 10.13. A malicious application may be able... Read more

    Affected Products : macos mac_os_x
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2017-13905

    A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain ele... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292802 Results