Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2017-13037

    The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().... Read more

    Affected Products : tcpdump
    • EPSS Score: %1.36
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13048

    The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().... Read more

    Affected Products : tcpdump
    • EPSS Score: %0.60
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13051

    The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().... Read more

    Affected Products : tcpdump
    • EPSS Score: %0.61
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13054

    The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().... Read more

    Affected Products : tcpdump
    • EPSS Score: %0.60
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-13060

    In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.... Read more

    Affected Products : imagemagick
    • EPSS Score: %0.46
    • Published: Aug. 22, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-13063

    GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.... Read more

    Affected Products : debian_linux graphicsmagick
    • EPSS Score: %1.54
    • Published: Aug. 22, 2017
    • Modified: Apr. 20, 2025

  • 8.1

    HIGH
    CVE-2017-1337

    IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials in plain text. IBM X-Force ID: 126245.... Read more

    Affected Products : websphere_mq mq
    • EPSS Score: %0.28
    • Published: Jul. 10, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13690

    The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.... Read more

    Affected Products : tcpdump
    • EPSS Score: %0.60
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-13695

    The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the ... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Aug. 25, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-13703

    An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may occur.... Read more

    Affected Products : eds-g512e_firmware eds-g512e
    • EPSS Score: %0.45
    • Published: Nov. 17, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-13704

    In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms)... Read more

    • EPSS Score: %81.76
    • Published: Oct. 03, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-13758

    In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c.... Read more

    Affected Products : imagemagick
    • EPSS Score: %0.42
    • Published: Aug. 29, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-13812

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash)... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.52
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-13821

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFString" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.20
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13832

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "802.1X" component. It allows attackers to have an unspecified impact by leveraging TLS 1.0 support.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.55
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-14040

    An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspecified other impact.... Read more

    Affected Products : openjpeg debian_linux
    • EPSS Score: %0.58
    • Published: Aug. 30, 2017
    • Modified: Apr. 20, 2025

  • 7.1

    HIGH
    CVE-2017-14056

    In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted RL2 file, which claims a large "frame_count" field in the header but does not contain su... Read more

    Affected Products : ffmpeg
    • EPSS Score: %0.45
    • Published: Aug. 31, 2017
    • Modified: Apr. 20, 2025

  • 7.1

    HIGH
    CVE-2017-14057

    In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted ASF file, which claims a large "name_len" or "count" field in the header but does not contain sufficient back... Read more

    Affected Products : ffmpeg
    • EPSS Score: %0.45
    • Published: Aug. 31, 2017
    • Modified: Apr. 20, 2025

  • 9.1

    CRITICAL
    CVE-2017-14122

    unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp.... Read more

    Affected Products : debian_linux unrar
    • EPSS Score: %0.57
    • Published: Sep. 03, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-14169

    In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, an integer signedness error might occur when a crafted file, which claims a large "item_num" field such as 0xffffffff, is provided. As a result, the variable "item_num" t... Read more

    Affected Products : debian_linux ffmpeg
    • EPSS Score: %0.24
    • Published: Sep. 07, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 292387 Results