Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2017-11093

    In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading "num_of_cea_blocks" from the untrusted source (EDID), ker... Read more

    Affected Products : android
    • EPSS Score: %0.12
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-11091

    In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function mdss_rotator_ioctl in the driver /dev/mdss_rotator, a Use-After-Free condition can potentially occur due to a fence being insta... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-11058

    In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur.... Read more

    Affected Products : android
    • EPSS Score: %0.12
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-11035

    In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, possible buffer overflow or information leak in the functions "sme_set_ft_ies" and "csr_roam_issue_ft_preauth_req" due to incorrect initializat... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-11027

    In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing UBI image, size is not validated for being smaller than minimum header size causing unintialized data access vulnerability.... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.0

    HIGH
    CVE-2017-11025

    In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the function audio_effects_shared_ioctl(), memory corruption can occur.... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 5.3

    MEDIUM
    CVE-2017-11022

    In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the probe requests originated from user's phone contains the information elements which specifies the supported wifi features. This shall impac... Read more

    Affected Products : android
    • EPSS Score: %0.09
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-11017

    In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a specially crafted UBI image, it is possible to corrupt memory, or access uninitialized memory.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-11014

    In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing a Measurement Request IE in a Roam Neighbor Action Report, a buffer overflow can occur.... Read more

    Affected Products : android
    • EPSS Score: %0.18
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-11012

    In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_ENCRYPTION_TEST cfg80211 vendor command a stack-based buffer overflow can occur.... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-4932

    VMware AirWatch Launcher for Android prior to 3.2.2 contains a vulnerability that could allow an escalation of privilege from the launcher UI context menu to native UI functionality and privilege. Successful exploitation of this issue could result in an e... Read more

    Affected Products : android airwatch_launcher
    • EPSS Score: %0.04
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-16867

    Amazon Key through 2017-11-16 mishandles Cloud Cam 802.11 deauthentication frames during the delivery process, which makes it easier for (1) delivery drivers to freeze a camera and re-enter a house for unfilmed activities or (2) attackers to freeze a came... Read more

    Affected Products : amazon_key_firmware amazon_key
    • EPSS Score: %1.10
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-16851

    Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage.do widgetid parameter.... Read more

    • EPSS Score: %12.31
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-12323

    Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an ... Read more

    • EPSS Score: %0.16
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-12322

    Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an ... Read more

    Affected Products : email_encryption
    • EPSS Score: %0.16
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-12321

    Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an ... Read more

    • EPSS Score: %0.16
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-12318

    A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video (SDV) or video on demand (VoD) streams, resulting in a denial of se... Read more

    Affected Products : rf_gateway_1_firmware rf_gateway_1
    • EPSS Score: %0.66
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-12316

    A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured login attempt limit. The vulnerability is due to insuffic... Read more

    • EPSS Score: %1.19
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-12314

    A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to the device availability, confidentiality, and integrity, aka Insecure Li... Read more

    Affected Products : findit_network_discovery_utility
    • EPSS Score: %0.07
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.2

    HIGH
    CVE-2017-12313

    An untrusted search path (aka DLL Preload) vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes t... Read more

    Affected Products : packet_tracer
    • EPSS Score: %0.06
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291712 Results