Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2017-9982

    TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the ᗪ Unicode character followed by the ༿ Unicode character.... Read more

    Affected Products : teamspeak_client
    • EPSS Score: %1.54
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 5.3

    MEDIUM
    CVE-2017-1328

    IBM API Connect 5.0.0.0 - 5.0.6.0 could allow a remote attacker to bypass security restrictions of the api, caused by improper handling of security policy. By crafting a suitable request, an attacker could exploit this vulnerability to bypass security and... Read more

    Affected Products : api_connect
    • EPSS Score: %0.28
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2016-9972

    IBM QRadar 7.2 and 7.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the mi... Read more

    • EPSS Score: %0.26
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2016-9738

    IBM QRadar 7.2 and 7.3 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 119783.... Read more

    • EPSS Score: %0.30
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 8.0

    HIGH
    CVE-2017-6662

    A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker read and write access to information stored in the affected system as well as ... Read more

    • EPSS Score: %0.95
    • Published: Jun. 26, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6678

    A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function (CF) instances on a... Read more

    Affected Products : virtualized_packet_core
    • EPSS Score: %0.48
    • Published: Jun. 26, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-9807

    An issue was discovered in the OpenWebif plugin through 1.2.4 for E2 open devices. The saveConfig function of "plugin/controllers/models/config.py" performs an eval() call on the contents of the "key" HTTP GET parameter. This allows an unauthenticated rem... Read more

    Affected Products : openwebif
    • EPSS Score: %14.04
    • Published: Jun. 22, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-9840

    Dolibarr ERP/CRM 5.0.3 and prior allows low-privilege users to upload files of dangerous types, which can result in arbitrary code execution within the context of the vulnerable application.... Read more

    Affected Products : dolibarr_erp\/crm dolibarr
    • EPSS Score: %0.75
    • Published: Jun. 25, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-9833

    /cgi-bin/wapopen in Boa 0.94.14rc21 allows the injection of "../.." using the FILECAMERA variable (sent by GET) to read files with root privileges. NOTE: multiple third parties report that this is a system-integrator issue (e.g., a vulnerability on one ty... Read more

    Affected Products : boa
    • EPSS Score: %90.75
    • Published: Jun. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-1349

    IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially sensitive information from HTTP sessions that could be read by a local user. IBM X-Force ID: 126525.... Read more

    Affected Products : sterling_b2b_integrator
    • EPSS Score: %0.06
    • Published: Jun. 23, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-1347

    IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force... Read more

    Affected Products : sterling_b2b_integrator
    • EPSS Score: %0.62
    • Published: Jun. 23, 2017
    • Modified: Apr. 20, 2025

  • 7.6

    HIGH
    CVE-2017-7922

    An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration... Read more

    • EPSS Score: %38.10
    • Published: Jun. 21, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-1302

    IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local user view sensitive information due to improper access controls. IBM X-Force ID: 125456.... Read more

    Affected Products : sterling_b2b_integrator
    • EPSS Score: %0.06
    • Published: Jun. 23, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-1131

    IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information by using unsupported, specially crafted HTTP commands. IBM X-Force ID: 121375.... Read more

    Affected Products : sterling_b2b_integrator
    • EPSS Score: %0.19
    • Published: Jun. 23, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-5893

    IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 115336.... Read more

    Affected Products : sterling_b2b_integrator
    • EPSS Score: %0.07
    • Published: Jun. 23, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2017-3948

    Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x allows authenticated users to inject arbitrary web script or HTML via injecting malicious JavaScript into a user's browsing session.... Read more

    Affected Products : data_loss_prevention_endpoint
    • EPSS Score: %0.29
    • Published: Jun. 23, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-9356

    Sitecore.NET 7.1 through 7.2 has a Cross Site Scripting Vulnerability via the searchStr parameter to the /Search-Results URI.... Read more

    Affected Products : sitecore.net
    • EPSS Score: %0.21
    • Published: Jun. 23, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-9098

    In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attacker can gain unauthenticated access to the Base Monitor, resulting in the ability to execute arbitrary SQL commands on any monitored Microsoft SQL Server machines. If the Base Monitor is... Read more

    Affected Products : sql_monitor
    • EPSS Score: %39.99
    • Published: Jun. 22, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2017-1326

    IBM Sterling File Gateway does not properly restrict user requests based on permission level. This allows for users to update data related to other users, by manipulating the parameters passed in the POST request. IBM X-Force ID: 126060.... Read more

    Affected Products : sterling_b2b_integrator
    • EPSS Score: %0.14
    • Published: Jun. 22, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2016-9982

    IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information such as account lists due to improper access control. IBM X-Force ID: 120274.... Read more

    Affected Products : sterling_b2b_integrator
    • EPSS Score: %0.28
    • Published: Jun. 22, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291909 Results