Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2017-2710

    BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, earlier than BTV-W09C209B005CUSTC209D001 versions, earlie... Read more

    • EPSS Score: %0.03
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 4.9

    MEDIUM
    CVE-2017-2708

    The 'Find Phone' function in Nice smartphones with software versions earlier before Nice-AL00C00B0135 has an authentication bypass vulnerability. An unauthenticated attacker may wipe and factory reset the phone by special steps. Due to missing authenticat... Read more

    Affected Products : nice_firmware nice
    • EPSS Score: %0.26
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 7.1

    HIGH
    CVE-2017-2707

    Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or... Read more

    Affected Products : mate_9_firmware mate_9
    • EPSS Score: %0.04
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 7.2

    HIGH
    CVE-2017-2703

    Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00... Read more

    Affected Products : mate_9_firmware p9_firmware p9 mate_9
    • EPSS Score: %0.02
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 7.2

    HIGH
    CVE-2017-2702

    Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. An attacker can bypass the Phone Finder by special steps and obtain the owner of the phone.... Read more

    Affected Products : mate_9_firmware mate_9
    • EPSS Score: %0.02
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2017-2701

    Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application. Since the system does not verify the broadcasting message from the application, it could be exploited to ... Read more

    Affected Products : mate_9_firmware mate_9
    • EPSS Score: %0.04
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2698

    The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given param... Read more

    Affected Products : p8_firmware p8
    • EPSS Score: %0.06
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2697

    The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C1... Read more

    • EPSS Score: %0.07
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2696

    The emerg_data driver in CAM-L21C10B130 and earlier versions, CAM-L21C185B141 and earlier versions has a buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on ... Read more

    Affected Products : y6ii_firmware y6ii
    • EPSS Score: %0.07
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-2693

    ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versio... Read more

    • EPSS Score: %0.24
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-2692

    The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L2... Read more

    • EPSS Score: %0.19
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2017-7736

    A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to inject arbitrary web script or HTML via special crafted malicious certificate import.... Read more

    Affected Products : fortiweb
    • EPSS Score: %0.15
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-8860

    Information disclosure through directory listing on the Cohu 3960HD allows an attacker to view and download source code, log files, and other sensitive device information via a specially crafted web request with an extra / character, such as a "GET // HTT... Read more

    Affected Products : 3960hd_firmware 3960hd
    • EPSS Score: %0.27
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2015-3934

    Multiple SQL injection vulnerabilities in Fiyo CMS 2.0_1.9.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to apps/app_article/controller/rating.php or (2) user parameter to user/login.... Read more

    Affected Products : fiyo_cms
    • EPSS Score: %1.34
    • Published: Nov. 21, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-5719

    A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows a network attacker to remotely execute code as a local user.... Read more

    Affected Products : deep_learning_training_tool
    • EPSS Score: %0.87
    • Published: Nov. 21, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-5710

    Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector.... Read more

    Affected Products : trusted_execution_engine_firmware
    • EPSS Score: %0.07
    • Published: Nov. 21, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-5706

    Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.... Read more

    Affected Products : server_platform_services_firmware
    • EPSS Score: %0.13
    • Published: Nov. 21, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2017-16919

    MapOS 3.1.11 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in /clientes/visualizar, which allows remote attackers to inject arbitrary web script or HTML via a crafted description parameter.... Read more

    Affected Products : mapos
    • EPSS Score: %0.13
    • Published: Nov. 21, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-16903

    LvyeCMS through 3.1 allows remote attackers to upload and execute arbitrary PHP code via directory traversal sequences in the dir parameter, in conjunction with PHP code in the content parameter, within a template Style add request to index.php.... Read more

    Affected Products : lvyecms
    • EPSS Score: %1.02
    • Published: Nov. 20, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-16896

    A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter.... Read more

    Affected Products : tiny_tiny_rss
    • EPSS Score: %0.35
    • Published: Nov. 20, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291717 Results