Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2017-3491

    Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Limits and Collateral). Supported versions that are affected are 12.0.1 and 12.1.0. Easily "exploitable" vu... Read more

    • EPSS Score: %0.35
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2017-3481

    Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0 and 12.0.1. Easily "exploitable" vulnerability allows low pr... Read more

    Affected Products : flexcube_universal_banking
    • EPSS Score: %0.39
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.0

    MEDIUM
    CVE-2017-3475

    Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0.1 and 12.0.1. Easily "exploitable" vulnerability allows lo... Read more

    Affected Products : flexcube_private_banking
    • EPSS Score: %0.39
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6033

    A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions. The software will execute a malicious file if it is named the same as a legitimate file and placed in a locati... Read more

    • EPSS Score: %0.22
    • Published: Apr. 07, 2017
    • Modified: Apr. 20, 2025

  • 7.1

    HIGH
    CVE-2017-3355

    Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauth... Read more

    Affected Products : marketing
    • EPSS Score: %1.02
    • Published: Apr. 25, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2017-3315

    Vulnerability in the PeopleSoft Enterprise HCM ePerformance component of Oracle PeopleSoft Products (subcomponent: Security). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network acces... Read more

    • EPSS Score: %0.25
    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-3298

    Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker wi... Read more

    Affected Products : peoplesoft_enterprise_peopletools
    • EPSS Score: %0.50
    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-9846

    Winmail Server 6.1 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php move_folder_file call to move a .php file from the FTP folder into a web folder.... Read more

    Affected Products : winmail_server
    • EPSS Score: %1.44
    • Published: Jun. 24, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-3222

    Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.... Read more

    Affected Products : amosconnect
    • EPSS Score: %6.12
    • Published: Jul. 22, 2017
    • Modified: Apr. 20, 2025

  • 5.3

    MEDIUM
    CVE-2017-3215

    The Milwaukee ONE-KEY Android mobile application uses bearer tokens with an expiration of one year. This bearer token, in combination with a user_id can be used to perform user actions.... Read more

    Affected Products : one-key
    • EPSS Score: %0.20
    • Published: Jun. 20, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-3192

    D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently protect administrator credentials. The tools_admin.asp page discloses the administrator password in base64 encoding in the returned web page. A remote attacker with... Read more

    • EPSS Score: %39.57
    • Published: Dec. 16, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-9660

    A Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. A heap-based buffer overflow vulnerability has been identified, which may cause a crash or allow remote code execution.... Read more

    Affected Products : monitouch_v-sft
    • EPSS Score: %6.48
    • Published: Aug. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-3108

    Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability.... Read more

    Affected Products : experience_manager
    • EPSS Score: %13.21
    • Published: Aug. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-9653

    An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker is able to gain privileged access ... Read more

    • EPSS Score: %1.32
    • Published: Aug. 14, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-3098

    Adobe Captivate versions 9 and earlier have a remote code execution vulnerability in the quiz reporting feature that could be abused to read and write arbitrary files to the server.... Read more

    Affected Products : captivate
    • EPSS Score: %15.17
    • Published: Jun. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-9565

    The first-security-bank-sleepy-eye-mobile/id870531890 app 3.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    • EPSS Score: %0.12
    • Published: Jun. 16, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-9563

    The First Citizens Community Bank fccb/id809930960 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : fccb
    • EPSS Score: %0.12
    • Published: Jun. 16, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-9561

    The Lee Bank & Trust lbtc-mobile/id1068984753 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : lee_bank_\&_trust
    • EPSS Score: %0.12
    • Published: Jun. 16, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-9558

    The wawa-employees-credit-union-mobile/id1158082793 app 4.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    • EPSS Score: %0.12
    • Published: Jun. 16, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2017-9516

    Craft CMS before 2.6.2982 allows for a potential XSS attack vector by uploading a malicious SVG file.... Read more

    Affected Products : craft_cms
    • EPSS Score: %0.90
    • Published: Jun. 08, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291712 Results