Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2016-1216

    Cross-site scripting (XSS) vulnerability in the "New appointment" function in Cybozu Garoon before 4.2.2.... Read more

    Affected Products : garoon
    • EPSS Score: %0.34
    • Published: Apr. 20, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2016-5762

    Integer overflow in the Post Office Agent in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 might allow remote attackers to execute arbitrary code via a long (1) username or (2) password, which triggers a heap-based buffer overflow.... Read more

    Affected Products : groupwise
    • EPSS Score: %14.84
    • Published: Apr. 20, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2016-5409

    Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies.... Read more

    Affected Products : openshift openshift
    • EPSS Score: %0.23
    • Published: Apr. 20, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-7978

    Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290.... Read more

    Affected Products : samsung_mobile
    • EPSS Score: %0.31
    • Published: Apr. 19, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2016-6727

    The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code.... Read more

    Affected Products : android
    • EPSS Score: %5.74
    • Published: Apr. 17, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2015-8256

    Multiple cross-site scripting (XSS) vulnerabilities in Axis network cameras.... Read more

    • EPSS Score: %6.91
    • Published: Apr. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0593

    An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to obtain access to custom permissions. This issue is rated as High because it is a general bypass for operating system protections that isolate appli... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: May. 12, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-5655

    In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host.... Read more

    Affected Products : ambari
    • EPSS Score: %0.15
    • Published: May. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-9572

    The athens-state-bank-mobile-banking/id719748589 app 3.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : athens_state_bank_mobile
    • EPSS Score: %0.12
    • Published: Jun. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-7676

    Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '*' wildcard character - like my*test, test*.txt. This can result in unintended behavior.... Read more

    Affected Products : ranger
    • EPSS Score: %0.89
    • Published: Jun. 14, 2017
    • Modified: Apr. 20, 2025

  • 4.7

    MEDIUM
    CVE-2017-0651

    An information disclosure vulnerability in the kernel ION subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %0.22
    • Published: Jun. 14, 2017
    • Modified: Apr. 20, 2025

  • 7.1

    HIGH
    CVE-2017-0642

    A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product:... Read more

    Affected Products : android
    • EPSS Score: %0.19
    • Published: Jun. 14, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-8239

    In all Android releases from CAF using the Linux kernel, userspace-controlled parameters for flash initialization are not sanitized potentially leading to exposure of kernel memory.... Read more

    Affected Products : android
    • EPSS Score: %0.12
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8238

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a camera function.... Read more

    Affected Products : android
    • EPSS Score: %0.05
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-7365

    In all Android releases from CAF using the Linux kernel, a buffer overread can occur if a particular string is not NULL terminated.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2016-10341

    In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 8.0

    HIGH
    CVE-2016-9991

    IBM Sterling Order Management 9.2 through 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 121314.... Read more

    • EPSS Score: %0.16
    • Published: Jun. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2015-9033

    In all Android releases from CAF using the Linux kernel, a QTEE system call fails to validate a pointer.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2015-9030

    In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to bypass authentication.... Read more

    Affected Products : android
    • EPSS Score: %0.15
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2015-9025

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE application.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 292652 Results