Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2017-13158

    An information disclosure vulnerability in the Android system (activitymanagerservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-32879915.... Read more

    Affected Products : android
    • Published: Dec. 06, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-13152

    An information disclosure vulnerability in the Android media framework (libmedia drm). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-62872384.... Read more

    Affected Products : android
    • Published: Dec. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-13151

    A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456.... Read more

    Affected Products : android
    • Published: Dec. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.1

    CRITICAL
    CVE-2017-13149

    An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65719872.... Read more

    Affected Products : android
    • Published: Dec. 06, 2017
    • Modified: Apr. 20, 2025

  • 7.1

    HIGH
    CVE-2017-0873

    A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63316255.... Read more

    Affected Products : android
    • Published: Dec. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-14374

    The SMI-S service in Dell Storage Manager versions earlier than 16.3.20 (aka 2016 R3.20) is protected using a hard-coded password. A remote user with the knowledge of the password might potentially disable the SMI-S service via HTTP requests, affecting st... Read more

    Affected Products : storage_manager
    • Published: Dec. 06, 2017
    • Modified: Apr. 20, 2025

  • 7.1

    HIGH
    CVE-2017-4920

    The implementation of the OSPF protocol in VMware NSX-V Edge 6.2.x prior to 6.2.8 and NSX-V Edge 6.3.x prior to 6.3.3 doesn't correctly handle the link-state advertisement (LSA). A rogue LSA may exploit this issue resulting in continuous sending of LSAs b... Read more

    Affected Products : nsx-v_edge
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-14914

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, handles in the global client structure can become stale.... Read more

    Affected Products : android
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-11043

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a WiFI driver function, an integer overflow leading to heap buffer overflow may potentially occur.... Read more

    Affected Products : android
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-11005

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Use After Free condition can occur during a deinitialization path.... Read more

    Affected Products : android
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-14907

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, cryptographic strength is reduced while deriving disk encryption key.... Read more

    Affected Products : android
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-14898

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE contains... Read more

    Affected Products : android
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-11047

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a graphics driver ioctl handler, the lack of copy_from_user() function calls may result in writes to kernel memory.... Read more

    Affected Products : android
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-11030

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the HDMI video driver function hdmi_edid_sysfs_rda_res_info(), userspace can perform an arbitrary write into kernel memory.... Read more

    Affected Products : android
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-17066

    The (1) i2pd before 2.17 and (2) kovri pre-alpha implementations of the I2P routing protocol do not properly handle Garlic DeliveryTypeTunnel packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets th... Read more

    Affected Products : kovri i2pd
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-17113

    ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a NULL pointer dereference via a 0x830000c4 DeviceIoControl request.... Read more

    Affected Products : ikarus_antivirus anti.virus
    • Published: Dec. 04, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-16930

    The remote management interface on the Claymore Dual GPU miner 10.1 allows an unauthenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the request handler. This can be exploited via a long API request that is misha... Read more

    Affected Products : claymore_dual_miner
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 8.5

    HIGH
    CVE-2017-16929

    The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be... Read more

    Affected Products : claymore_dual_miner
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-17057

    There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute ar... Read more

    Affected Products : zktime_web
    • Published: Dec. 04, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-17096

    Cross-site scripting (XSS) vulnerability in the Content Cards plugin before 0.9.7 for WordPress allows remote attackers to inject arbitrary JavaScript via crafted OpenGraph data.... Read more

    Affected Products : content_cards
    • Published: Dec. 03, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 292840 Results