Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2015-9103

    Multiple cross-site scripting (XSS) vulnerabilities in Synology Note Station 1.1-0212 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via the (1) note title or (2) file name of attachments.... Read more

    Affected Products : note_station
    • EPSS Score: %0.25
    • Published: Jun. 30, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2016-4843

    Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information.... Read more

    Affected Products : mailwise
    • EPSS Score: %0.93
    • Published: Apr. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2016-4840

    Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and earlier do not verify SSL certificates.... Read more

    Affected Products : coordinate_plus
    • EPSS Score: %0.58
    • Published: Apr. 21, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2016-4838

    The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0), Money Forward for SBI Sumishin Net Bank (prior to v1.... Read more

    • EPSS Score: %0.27
    • Published: May. 12, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-9053

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the processing of certain responses from the USIM.... Read more

    Affected Products : android
    • EPSS Score: %0.15
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-9041

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists when performing WCDMA radio tuning.... Read more

    Affected Products : android
    • EPSS Score: %0.19
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2015-9038

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer may be dereferenced in the front end.... Read more

    Affected Products : android
    • EPSS Score: %0.13
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2015-8995

    In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 7.0

    HIGH
    CVE-2015-8991

    Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallatio... Read more

    • EPSS Score: %0.05
    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 7.0

    HIGH
    CVE-2015-8992

    Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but... Read more

    • EPSS Score: %0.05
    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2015-8988

    Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path... Read more

    Affected Products : epo_deep_command
    • EPSS Score: %0.58
    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 5.3

    MEDIUM
    CVE-2017-2712

    S3300 V100R006C05 have an Ethernet in the First Mile (EFM) flapping vulnerability due to the lack of type-length-value (TLV) consistency check. An attacker may craft malformed packets and send them to a device to cause EFM flapping.... Read more

    Affected Products : s3300_firmware s3300
    • EPSS Score: %0.17
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-2699

    The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. An attacker could exploit this vulnerability to upload theme packs contai... Read more

    • EPSS Score: %0.15
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-2690

    SoftCo with software V200R003C20,eSpace U1910 with software V200R003C00, V200R003C20 and V200R003C30,eSpace U1911 with software V200R003C20, V200R003C30,eSpace U1930 with software V200R003C20 and V200R003C30,eSpace U1960 with software V200R003C20, V200R00... Read more

    • EPSS Score: %0.02
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-2689

    Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings.... Read more

    Affected Products : ruggedcom_rox_i
    • EPSS Score: %0.53
    • Published: Mar. 29, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-2675

    Little Snitch version 3.0 through 3.7.3 suffer from a local privilege escalation vulnerability in the installer part. The vulnerability is related to the installation of the configuration file "at.obdev.littlesnitchd.plist" which gets installed to /Librar... Read more

    Affected Products : little_snitch little_snitch
    • EPSS Score: %0.05
    • Published: Apr. 06, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2016-4295

    When opening a Hangul Hcell Document (.cell) and processing a particular record within the Workbook stream, an index miscalculation leading to a heap overlow can be made to occur in Hancom Office 2014. The vulnerability occurs when processing data for a f... Read more

    Affected Products : hancom_office_2014
    • EPSS Score: %0.46
    • Published: Jan. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2013-4366

    http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x before 4.3.1 does not ensure that X509HostnameVerifier is not null, which allows attackers to have unspecified impact via vectors involving hostname verification.... Read more

    Affected Products : httpclient
    • EPSS Score: %1.29
    • Published: Oct. 30, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2016-4320

    Atlassian Bitbucket Server before 4.7.1 allows remote attackers to read the first line of an arbitrary file via a directory traversal attack on the pull requests resource.... Read more

    Affected Products : bitbucket
    • EPSS Score: %0.54
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-2334

    An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to perform a man-in-the-middle attack, thereby stealing authentic credentials from en... Read more

    Affected Products : northstar_controller
    • EPSS Score: %0.27
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291647 Results