Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2015-4073

    Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) ticket_code or (2) email parameter or (3) remote authenticated users to execute arbitrary SQL c... Read more

    Affected Products : helpdesk_pro
    • EPSS Score: %10.16
    • Published: Sep. 20, 2017
    • Modified: Apr. 20, 2025

  • 8.0

    HIGH
    CVE-2017-14320

    Mirasvit Helpdesk MX before 1.5.3 might allow remote attackers to execute arbitrary code by leveraging failure to filter uploaded files.... Read more

    Affected Products : helpdesk_mx
    • EPSS Score: %0.84
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-12930

    SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 version >1.5.10 allows remote unauthenticated users to access the web interface as administrator via a crafted password.... Read more

    Affected Products : dlx_spot_player4
    • EPSS Score: %3.04
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-12928

    A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 (all known versions) allows remote attackers to log in via SSH and escalate privileges to root access with the same credentials.... Read more

    Affected Products : dlx_spot_player4
    • EPSS Score: %2.27
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-1187

    The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.... Read more

    • Actively Exploited
    • EPSS Score: %78.16
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-9724

    In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writing to a user supplied address.... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-9677

    In all Qualcomm products with Android releases from CAF using the Linux kernel, in function msm_compr_ioctl_shared, variable "ddp->params_length" could be accessed and modified by multiple threads, while it is not protected with locks. If one thread is ru... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 4.7

    MEDIUM
    CVE-2017-8281

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI.... Read more

    Affected Products : android
    • EPSS Score: %0.08
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-11001

    In all Qualcomm products with Android releases from CAF using the Linux kernel, the length of the MAC address is not checked which may cause out of bounds read.... Read more

    Affected Products : android
    • EPSS Score: %0.10
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-11000

    In all Qualcomm products with Android releases from CAF using the Linux kernel, in an ISP Camera kernel driver function, an incorrect bounds check may potentially lead to an out-of-bounds write.... Read more

    Affected Products : android
    • EPSS Score: %0.08
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10998

    In all Qualcomm products with Android releases from CAF using the Linux kernel, in audio_aio_ion_lookup_vaddr, the buffer length, which is user input, ends up being used to validate if the buffer is fully within the valid region. If the buffer length is l... Read more

    Affected Products : android
    • EPSS Score: %0.14
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10997

    In all Qualcomm products with Android releases from CAF using the Linux kernel, using a debugfs node, a write to a PCIe register can cause corruption of kernel memory.... Read more

    Affected Products : android
    • EPSS Score: %0.08
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 7.1

    HIGH
    CVE-2017-10996

    In all Qualcomm products with Android releases from CAF using the Linux kernel, out of bounds access is possible in c_show(), due to compat_hwcap_str[] not being NULL-terminated. This error is not fatal, however the device might crash/reboot with memory v... Read more

    Affected Products : android
    • EPSS Score: %0.09
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 6.8

    MEDIUM
    CVE-2017-6720

    A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small Business Managed Switches software could allow an authenticated, remote attacker to cause a reload of the affected switch, resulting in a denial of service (DoS) condition. The vulnerabili... Read more

    • EPSS Score: %0.44
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 7.2

    HIGH
    CVE-2017-12255

    A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local attacker to gain shell access. The vulnerability is due to insufficient input validation of commands entered in the CLI, aka a Restricted Shell Break Vulnerabilit... Read more

    • EPSS Score: %0.06
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-12219

    A vulnerability in the handling of IP fragments for the Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) con... Read more

    • EPSS Score: %1.38
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-12214

    A vulnerability in the Operations, Administration, Maintenance, and Provisioning (OAMP) credential reset functionality for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to gain elevated privileges. The vulnerabili... Read more

    Affected Products : unified_customer_voice_portal
    • EPSS Score: %0.92
    • Published: Sep. 21, 2017
    • Modified: Apr. 20, 2025

  • 5.3

    MEDIUM
    CVE-2015-9232

    The Good for Enterprise application 3.0.0.415 for Android does not use signature protection for its Authentication Delegation API intent. Also, the Good Dynamic application activation process does not attempt to detect malicious activation attempts involv... Read more

    Affected Products : good_for_enterprise
    • EPSS Score: %0.14
    • Published: Sep. 20, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-14616

    An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By ... Read more

    Affected Products : fireware
    • EPSS Score: %0.83
    • Published: Sep. 20, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-14615

    An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user e... Read more

    Affected Products : fireware
    • EPSS Score: %0.36
    • Published: Sep. 20, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291918 Results