Latest CVE Feed

The following is the list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, by whether it is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.8

    CRITICAL
    CVE-2017-17821

    WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resize...

    Affected Products : safari
    • EPSS Score: %0.68
    • Published: Dec. 21, 2017
    • Modified: Apr. 20, 2025
  • 9.0

    HIGH
    CVE-2017-16717

    A Heap-based Buffer Overflow issue was discovered in WECON LeviStudio HMI. The heap-based buffer overflow vulnerability has been identified, which may allow remote code execution....

    Affected Products : levi_studio_hmi
    • EPSS Score: %1.18
    • Published: Dec. 20, 2017
    • Modified: Apr. 20, 2025
  • 7.8

    HIGH
    CVE-2017-14966

    In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c0....

    Affected Products : anti.virus
    • EPSS Score: %0.05
    • Published: Dec. 20, 2017
    • Modified: Apr. 20, 2025
  • 7.8

    HIGH
    CVE-2017-0663

    A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution i...

    Affected Products : android
    • EPSS Score: %1.70
    • Published: Jun. 14, 2017
    • Modified: Apr. 20, 2025
  • 5.5

    MEDIUM
    CVE-2017-0204

    Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to bypass the Office Protected View via a specially crafted document, aka "Microsoft Office Security Feature Bypass Vulne...

    Affected Products : outlook
    • EPSS Score: %12.84
    • Published: Apr. 12, 2017
    • Modified: Apr. 20, 2025
  • 7.6

    HIGH
    CVE-2017-0136

    A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary co...

    Affected Products : edge windows_10 windows_server_2016
    • EPSS Score: %16.01
    • Published: Mar. 17, 2017
    • Modified: Apr. 20, 2025
  • 7.8

    HIGH
    CVE-2017-0024

    The kernel-mode drivers in Microsoft Windows 10 1607 and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-201...

    Affected Products : windows_10 windows_server_2016
    • EPSS Score: %6.73
    • Published: Mar. 17, 2017
    • Modified: Apr. 20, 2025
  • 6.5

    MEDIUM
    CVE-2016-8986

    IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648....

    Affected Products : websphere_mq
    • EPSS Score: %0.20
    • Published: Feb. 22, 2017
    • Modified: Apr. 20, 2025
  • 5.3

    MEDIUM
    CVE-2016-8977

    IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system....

    • EPSS Score: %0.19
    • Published: Feb. 01, 2017
    • Modified: Apr. 20, 2025
  • 7.6

    HIGH
    CVE-2016-8481

    An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged pro...

    Affected Products : android linux_kernel
    • EPSS Score: %0.14
    • Published: Feb. 08, 2017
    • Modified: Apr. 20, 2025
  • 10.0

    HIGH
    CVE-2016-8437

    Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR#1009695....

    Affected Products : android linux_kernel
    • EPSS Score: %0.55
    • Published: Jan. 12, 2017
    • Modified: Apr. 20, 2025
  • 8.8

    HIGH
    CVE-2016-7588

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "CoreMedia Playback" component. It allows remote attackers to execute arbitrary code...

    Affected Products : mac_os_x iphone_os watchos
    • EPSS Score: %0.88
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025
  • 4.3

    MEDIUM
    CVE-2016-6044

    IBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security policy....

    Affected Products : tivoli_storage_manager
    • EPSS Score: %0.12
    • Published: Feb. 01, 2017
    • Modified: Apr. 20, 2025
  • 8.8

    HIGH
    CVE-2016-4688

    An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" compone...

    Affected Products : mac_os_x tvos watchos
    • EPSS Score: %1.33
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025
  • 7.8

    HIGH
    CVE-2016-4038

    Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows lo...

    • EPSS Score: %0.04
    • Published: Feb. 01, 2017
    • Modified: Apr. 20, 2025
  • 7.6

    HIGH
    CVE-2017-11913

    Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the ...

    • EPSS Score: %20.53
    • Published: Dec. 12, 2017
    • Modified: Apr. 20, 2025
  • 6.1

    MEDIUM
    CVE-2017-11629

    dayrui FineCms through 5.0.10 has Cross Site Scripting (XSS) in controllers/api.php via the function parameter in a c=api&m=data2 request....

    Affected Products : finecms
    • EPSS Score: %0.59
    • Published: Jul. 26, 2017
    • Modified: Apr. 20, 2025
  • 9.8

    CRITICAL
    CVE-2017-11543

    tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c....

    Affected Products : tcpdump axc_f_2152_firmware
    • EPSS Score: %13.57
    • Published: Jul. 23, 2017
    • Modified: Apr. 20, 2025
  • 5.9

    MEDIUM
    CVE-2015-7256

    ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG...

    • EPSS Score: %0.13
    • Published: Sep. 28, 2017
    • Modified: Apr. 20, 2025
  • 9.3

    HIGH
    CVE-2017-11220

    Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in an internal data structure. Successful exploitation could lead to arbitrary ...

    • EPSS Score: %13.20
    • Published: Aug. 11, 2017
    • Modified: Apr. 20, 2025