Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-0777

    A information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-38342499.... Read more

    Affected Products : android
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 7.1

    HIGH
    CVE-2017-0774

    A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62673844.... Read more

    Affected Products : android
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0768

    A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62019992.... Read more

    Affected Products : android
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0766

    A remote code execution vulnerability in the Android media framework (libjhead). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37776688.... Read more

    Affected Products : android
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0762

    A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62214264.... Read more

    Affected Products : android
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0758

    A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36492741.... Read more

    Affected Products : android
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-2550

    Vulnerability in Easy Joomla Backup v3.2.4. The software creates a copy of the backup in the web root with an easily guessable filename.... Read more

    Affected Products : easy_joomla_backup
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2017-11611

    Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of the file name in a "create-file-popup" action, and the directory name in a "create-directory-popup" action, in the HTTP POST method to... Read more

    Affected Products : wolf_cms
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 7.2

    HIGH
    CVE-2017-6794

    A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injection and escalate their privileges to root. The attacker must first authenticate to the application with valid adm... Read more

    Affected Products : meeting_server
    • Published: Sep. 07, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-6791

    A vulnerability in the Trust Verification Service (TVS) of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handli... Read more

    Affected Products : unified_communications_manager
    • Published: Sep. 07, 2017
    • Modified: Apr. 20, 2025

  • 6.3

    MEDIUM
    CVE-2017-12211

    A vulnerability in the IPv6 Simple Network Management Protocol (SNMP) code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause high CPU usage or a reload of the device. The vulnerability is due to IPv6 sub block c... Read more

    Affected Products : ios_xe ios
    • Published: Sep. 07, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2015-7672

    Cross-site scripting (XSS) vulnerability in Centreon 2.6.1 (fixed in Centreon 18.10.0 and Centreon web 2.8.27).... Read more

    Affected Products : centreon
    • Published: Sep. 07, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2015-5060

    Cross-site scripting (XSS) vulnerability in anchor-cms before 0.9-dev.... Read more

    Affected Products : anchor_cms
    • Published: Sep. 07, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2015-4627

    SQL injection vulnerability in Pragyan CMS 3.0.... Read more

    Affected Products : pragyan_cms
    • Published: Sep. 07, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2015-4085

    Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1.... Read more

    Affected Products : etherpad
    • Published: Sep. 07, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2017-1098

    IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclos... Read more

    • Published: Sep. 07, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2015-8316

    Array index error in LightDM (aka Light Display Manager) 1.14.3, 1.16.x before 1.16.6 when the XDMCP server is enabled allows remote attackers to cause a denial of service (process crash) via an XDMCP request packet with no address.... Read more

    Affected Products : lightdm
    • Published: Sep. 06, 2017
    • Modified: Apr. 20, 2025

  • 8.1

    HIGH
    CVE-2015-5947

    SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : suitecrm
    • Published: Sep. 06, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2015-3163

    The admin pages for power types and key types in Beaker before 20.1 do not have any access controls, which allows remote authenticated users to modify power types and key types via navigating to $BEAKER/powertypes and $BEAKER/keytypes respectively.... Read more

    Affected Products : beaker
    • Published: Sep. 06, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2017-1535

    IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi... Read more

    Affected Products : cognos_analytics
    • Published: Aug. 29, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 292772 Results