Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2017-4013

    Banner Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to obtain product information via HTTP response header.... Read more

    Affected Products : network_data_loss_prevention
    • EPSS Score: %0.23
    • Published: May. 17, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-9030

    The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded files.... Read more

    Affected Products : b2j_contact
    • EPSS Score: %2.08
    • Published: May. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.6

    CRITICAL
    CVE-2017-3882

    A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. The remote co... Read more

    • EPSS Score: %0.79
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.9

    HIGH
    CVE-2017-3873

    A vulnerability in the Plug-and-Play (PnP) subsystem of the Cisco Aironet 1800, 2800, and 3800 Series Access Points running a Lightweight Access Point (AP) or Mobility Express image could allow an unauthenticated, adjacent attacker to execute arbitrary co... Read more

    • EPSS Score: %0.25
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2016-10238

    In QSEE in all Android releases from CAF using the Linux kernel access control may potentially be bypassed due to a page alignment issue.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-6885

    An error when handling certain external commands and services related to the FlexNet Inventory Agent and FlexNet Beacon of the Flexera Software FlexNet Manager Suite 2017 before 2017 R1 and 2014 R3 through 2016 R1 SP1 can be exploited to gain elevated pri... Read more

    Affected Products : flexnet_manager_suite
    • EPSS Score: %0.41
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2016-10372

    The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary commands via TCP port 7547, as demonstrated by opening WAN access to TCP port 80, retrieving the login password (which defaults to the W... Read more

    Affected Products : d1000_modem_firmware d1000_modem
    • EPSS Score: %91.13
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.6

    HIGH
    CVE-2016-10242

    A time-of-check time-of-use race condition could potentially exist in the secure file system in all Android releases from CAF using the Linux kernel.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2016-10239

    In TrustZone access control policy may potentially be bypassed in all Android releases from CAF using the Linux kernel due to improper input validation an integer overflow vulnerability leading to a buffer overflow could potentially occur and a buffer ove... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2016-10237

    If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application (TA) in all Android releases from CAF using the Linux kernel, the TA would not detect an issue and it would be treated as secure memory... Read more

    Affected Products : android
    • EPSS Score: %0.05
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2015-8998

    In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.6

    HIGH
    CVE-2015-8997

    In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routine in all Android releases from CAF using the Linux kernel.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.6

    HIGH
    CVE-2014-9936

    In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel.... Read more

    Affected Products : android
    • EPSS Score: %0.10
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2014-9932

    In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2017-7953

    INFOR EAM V11.0 Build 201410 has XSS via comment fields.... Read more

    Affected Products : enterprise_asset_management
    • EPSS Score: %0.20
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-8943

    The PUMA PUMATRAC app 3.0.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : pumatrac
    • EPSS Score: %0.12
    • Published: May. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-8942

    The YottaMark ShopWell - Healthy Diet & Grocery Food Scanner app 5.3.7 through 5.4.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted cert... Read more

    • EPSS Score: %0.12
    • Published: May. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-8937

    The Life Before Us Yo app 2.5.8 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : yo.
    • EPSS Score: %0.12
    • Published: May. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-8936

    The MoboTap Dolphin Web Browser - Fast Private Internet Search app 9.23.0 through 9.23.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted ... Read more

    Affected Products : dolphin_web_browser
    • EPSS Score: %0.12
    • Published: May. 15, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-8927

    Buffer overflow in Larson VizEx Reader 9.7.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file.... Read more

    Affected Products : vizex_reader
    • EPSS Score: %1.24
    • Published: May. 15, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291963 Results