Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2017-11031

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the VIDIOC_G_SDE_ROTATOR_FENCE ioctl command can be used to cause a Use After Free condition.... Read more

    Affected Products : android
    • EPSS Score: %0.14
    • Published: Dec. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-11026

    In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing FRP partition using reference FRP unlock, authentication method can be compromised for static keys.... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-11023

    In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound buffer accesses due to no synchronization in accessing global variables by multiple threads.... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2017-1102

    IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with... Read more

    Affected Products : rational_quality_manager
    • EPSS Score: %0.27
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-10993

    Contao before 3.5.28 and 4.x before 4.4.1 allows remote attackers to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal.... Read more

    Affected Products : contao contao_cms
    • EPSS Score: %0.82
    • Published: Jul. 21, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-10962

    REDCap before 7.5.1 has XSS via the query string.... Read more

    Affected Products : redcap
    • EPSS Score: %0.24
    • Published: Jul. 18, 2017
    • Modified: Apr. 20, 2025

  • 7.0

    HIGH
    CVE-2017-10950

    This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Bitdefender Total Security 21.0.24.62. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit thi... Read more

    Affected Products : total_security
    • EPSS Score: %0.05
    • Published: Aug. 29, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-10860

    Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory.... Read more

    Affected Products : i-filter_installer
    • EPSS Score: %0.22
    • Published: Sep. 15, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-10850

    Untrusted search path vulnerability in Installers of ART EX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:04 UTC.), PostScript? Driver + A... Read more

    Affected Products : apeosport-vi docucentre-vi
    • EPSS Score: %0.14
    • Published: Sep. 01, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-10844

    baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows an attacker to execute arbitrary PHP code on the server via unspecified vectors.... Read more

    Affected Products : basercms
    • EPSS Score: %0.57
    • Published: Aug. 29, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-10830

    Untrusted search path vulnerability in Security Setup Tool all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : security_setup_tool
    • EPSS Score: %0.14
    • Published: Aug. 29, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-10820

    Untrusted search path vulnerability in Installer of IP Messenger for Win 4.60 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : ip_messenger
    • EPSS Score: %0.15
    • Published: Aug. 04, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-10805

    In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, incorrect access control on OAuth tokens in the OAuth module allows remote authenticated users to hijack OAuth sessions of other users.... Read more

    Affected Products : odoo
    • EPSS Score: %0.32
    • Published: Jul. 04, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-10798

    In ObjectPlanet Opinio before 7.6.4, there is XSS.... Read more

    Affected Products : opinio
    • EPSS Score: %0.27
    • Published: Jul. 03, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10779

    XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at xnview+0x00000000000... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.05
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10745

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!RtlProcessFlsData+0x00000000000000b0."... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.06
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10766

    XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at GDI32!ScriptStringAn... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.05
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10765

    XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at IMM32!ImmLockImeDpi+... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.05
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10762

    XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpA... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.05
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-10678

    Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to delete permalinks via a crafted request.... Read more

    Affected Products : piwigo
    • EPSS Score: %0.18
    • Published: Jun. 29, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291573 Results