Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2017-9420

    Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin before 3.3.0 for WordPress allows remote attackers to inject arbitrary JavaScript via the yr parameter.... Read more

    Affected Products : spiffy_calendar
    • EPSS Score: %0.41
    • Published: Jun. 05, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2015-3830

    The stock Android browser address bar in all Android operating systems suffers from Address Bar Spoofing, which allows remote attackers to trick a victim by displaying a malicious page for legitimate domain names.... Read more

    Affected Products : android
    • EPSS Score: %0.16
    • Published: Jun. 06, 2017
    • Modified: Apr. 20, 2025

  • 7.2

    HIGH
    CVE-2017-8083

    CompuLab Intense PC and MintBox 2 devices with BIOS before 2017-05-21 do not use the CloseMnf protection mechanism for write protection of flash memory regions, which allows local users to install a firmware rootkit by leveraging administrative privileges... Read more

    • EPSS Score: %0.04
    • Published: Jun. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2015-9005

    In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2014-9952

    In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist.... Read more

    Affected Products : android
    • EPSS Score: %0.03
    • Published: Jun. 06, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-9951

    In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure Through Timing Discrepancy vulnerability could potentially exist.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Jun. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2014-9948

    In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Validation of Array Index vulnerability could potentially exist.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2014-9943

    In Core Kernel in all Android releases from CAF using the Linux kernel, a Null Pointer Dereference vulnerability could potentially exist.... Read more

    Affected Products : android
    • EPSS Score: %0.03
    • Published: Jun. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2014-9930

    In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2014-9929

    In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2014-9923

    In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-9436

    TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php.... Read more

    Affected Products : teampass
    • EPSS Score: %0.23
    • Published: Jun. 05, 2017
    • Modified: Apr. 20, 2025

  • 8.1

    HIGH
    CVE-2017-8841

    Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_pro... Read more

    • EPSS Score: %4.46
    • Published: Jun. 05, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-8838

    XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi.... Read more

    • EPSS Score: %2.05
    • Published: Jun. 05, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-8440

    Starting in version 5.3.0, Kibana had a cross-site scripting (XSS) vulnerability in the Discover page that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.... Read more

    Affected Products : kibana
    • EPSS Score: %0.34
    • Published: Jun. 05, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2012-6705

    Cross Site Scripting (XSS) exists in Jamroom before 4.2.7 via the Status Update field.... Read more

    Affected Products : jamroom
    • EPSS Score: %0.23
    • Published: Jun. 04, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-3740

    In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality.... Read more

    Affected Products : active_protection_system
    • EPSS Score: %0.04
    • Published: Jun. 04, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2016-8231

    In Lenovo Service Bridge before version 4, a bug found in the signature verification logic of the code signing certificate could be exploited by an attacker to insert a forged code signing certificate.... Read more

    Affected Products : lenovo_service_bridge
    • EPSS Score: %0.10
    • Published: Jun. 04, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2016-8229

    A cross-site request forgery vulnerability in Lenovo Service Bridge before version 4 could be exploited by an attacker with access to the DHCP server used by the system where LSB is installed.... Read more

    Affected Products : lenovo_service_bridge
    • EPSS Score: %0.16
    • Published: Jun. 04, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2016-8228

    In Lenovo Service Bridge before version 4, a user with local privileges on a system could execute code with administrative privileges.... Read more

    Affected Products : lenovo_service_bridge
    • EPSS Score: %0.04
    • Published: Jun. 04, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 292055 Results