Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2017-9026

    Stack buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted fname parameter of a GET request.... Read more

    Affected Products : trip_mate_6_firmware trip_mate_6
    • EPSS Score: %1.15
    • Published: May. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0833

    A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62896384.... Read more

    Affected Products : android
    • EPSS Score: %0.96
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-8941

    The Interval International app 3.3 through 3.5.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : interval_international
    • EPSS Score: %0.09
    • Published: May. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-8938

    The Radio Javan app 9.3.4 through 9.6.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : radio_javan
    • EPSS Score: %0.12
    • Published: May. 15, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-8920

    irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input from the R parameter without proper output encoding, aka XSS.... Read more

    Affected Products : cgi\
    • EPSS Score: %0.30
    • Published: Jun. 06, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-14244

    An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /p... Read more

    Affected Products : ib-wra150n_firmware ib-wra150n
    • EPSS Score: %55.13
    • Published: Sep. 17, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-8893

    AeroAdmin 4.1 uses a function to copy data between two pointers where the size of the data copied is taken directly from a network packet. This can cause a buffer overflow and denial of service.... Read more

    Affected Products : aeroadmin
    • EPSS Score: %0.33
    • Published: Jul. 02, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-8839

    XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is guest/preview.cgi.... Read more

    • EPSS Score: %2.05
    • Published: Jun. 05, 2017
    • Modified: Apr. 20, 2025

  • 9.1

    CRITICAL
    CVE-2017-8827

    forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service (login inability) or possibly conduct Arbitrary User Password Reset attacks via a series of requests.... Read more

    Affected Products : genixcms genixcms
    • EPSS Score: %0.46
    • Published: May. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0543

    A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code ... Read more

    Affected Products : android
    • EPSS Score: %0.29
    • Published: Apr. 07, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-8450

    X-Pack 5.1.1 did not properly apply document and field level security to multi-search and multi-get requests so users without access to a document and/or field may have been able to access this information.... Read more

    Affected Products : kibana x-pack
    • EPSS Score: %0.25
    • Published: Jun. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8204

    The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has t... Read more

    Affected Products : honor_9_firmware honor_9
    • EPSS Score: %0.17
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-13864

    An issue was discovered in certain Apple products. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. The issue involves the "APNs Server" component. It allows man-in-the-middle attackers to track users by leveraging mi... Read more

    Affected Products : itunes icloud windows
    • EPSS Score: %0.23
    • Published: Dec. 25, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8253

    In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace.... Read more

    Affected Products : android
    • EPSS Score: %0.09
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 7.0

    HIGH
    CVE-2017-8270

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition.... Read more

    Affected Products : android
    • EPSS Score: %0.05
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8234

    In all Android releases from CAF using the Linux kernel, an out of bounds access can potentially occur in a camera function.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2016-6761

    An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to ... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %0.15
    • Published: Jan. 12, 2017
    • Modified: Apr. 20, 2025

  • 7.1

    HIGH
    CVE-2017-8143

    Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381 has a DoS vulnerability. An attacker may trick a user into installing a malicious application and the app... Read more

    • EPSS Score: %0.06
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-8174

    Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. Attackers may exploit the weak algorithm vulnerability to crack the cipher text and ... Read more

    • EPSS Score: %0.07
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 4.9

    MEDIUM
    CVE-2017-8171

    Huawei smart phones with software earlier than Vicky-AL00AC00B172D versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login ... Read more

    • EPSS Score: %0.03
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291615 Results