Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2017-10903

    Improper authentication issue in PTW-WMS1 firmware version 2.000.012 allows remote attackers to log in to the device with root privileges and conduct arbitrary operations via unspecified vectors.... Read more

    Affected Products : ptw-wms1_firmware ptw-wms1
    • EPSS Score: %4.81
    • Published: Dec. 01, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-10893

    Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software" Ver3.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    • EPSS Score: %0.11
    • Published: Dec. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-10885

    Untrusted search path vulnerability in HYPER SBI Ver. 2.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : hyper_sbi
    • EPSS Score: %0.11
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.1

    CRITICAL
    CVE-2017-10861

    Directory traversal vulnerability in QND Advance/Standard allows an attacker to read arbitrary files via a specially crafted command.... Read more

    Affected Products : qnd_advance\/standard
    • EPSS Score: %6.54
    • Published: Dec. 01, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-10600

    ubuntu-image 1.0 before 2017-07-07, when invoked as non-root, creates files in the resulting image with the uid of the invoking user. When the resulting image is booted, a local attacker with the same uid as the image creator has unintended access to clou... Read more

    Affected Products : ubuntu-image
    • EPSS Score: %0.05
    • Published: Jul. 11, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-10837

    Cross-site scripting vulnerability in BackupGuard prior to version 1.1.47 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : backup_guard
    • EPSS Score: %0.19
    • Published: Aug. 29, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10776

    XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to a "Read Access Violation starting at ntdll_77df0000!LdrShutdownProcess+0x0000000000000... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.05
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 8.5

    HIGH
    CVE-2017-10803

    In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, insecure handling of anonymization data in the Database Anonymization module allows remote authenticated privileged users to execute arbitrary Python code, because... Read more

    Affected Products : odoo
    • EPSS Score: %1.55
    • Published: Jul. 04, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10767

    XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!StateObje... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.05
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10763

    XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpF... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.05
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10759

    XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpI... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.05
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10758

    XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpC... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.05
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10753

    XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpF... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.05
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10751

    XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at GDI32!GenericEngineG... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.05
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10746

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlEnterCriticalSection+0x0000000000000012."... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.06
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10739

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000000c1b541c called from xnview+0... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.06
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10737

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000002e6."... Read more

    Affected Products : xnview windows
    • EPSS Score: %0.06
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-10733

    IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpEnterCriti... Read more

    Affected Products : irfanview
    • EPSS Score: %0.11
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-10681

    Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to unlock albums via a crafted request.... Read more

    Affected Products : piwigo
    • EPSS Score: %0.18
    • Published: Jun. 29, 2017
    • Modified: Apr. 20, 2025

  • 5.1

    MEDIUM
    CVE-2017-10419

    Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: PMS). Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable vulnerability allows unauthenticated attacker with logon to the... Read more

    Affected Products : hospitality_suite8
    • EPSS Score: %0.10
    • Published: Oct. 19, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291717 Results