Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.1

    MEDIUM
    CVE-2017-6706

    A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. More Information: CSCvd07260. Known Affected Releases: 12.1.... Read more

    Affected Products : prime_collaboration_provisioning
    • EPSS Score: %0.07
    • Published: Jul. 04, 2017
    • Modified: Apr. 20, 2025

  • 4.9

    MEDIUM
    CVE-2017-6690

    A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system. More Inf... Read more

    • EPSS Score: %0.16
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-6685

    A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device, aka an Insecure Default Credentials Vulnerability. More... Read more

    • EPSS Score: %0.77
    • Published: Jun. 13, 2017
    • Modified: Apr. 20, 2025

  • 6.4

    MEDIUM
    CVE-2017-6679

    The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel (SSH) which auto initiated from the customer's appliance to Cisco's SSH Hubs in the Umbrella datacenters. These tunnels were primarily l... Read more

    Affected Products : umbrella
    • EPSS Score: %0.10
    • Published: Dec. 01, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17640

    Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter.... Read more

    Affected Products : advanced_world_database
    • EPSS Score: %2.51
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17627

    Readymade Video Sharing Script 3.2 has SQL Injection via the single-video-detail.php report_videos array parameter.... Read more

    Affected Products : readymade_video_sharing_script
    • EPSS Score: %2.51
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 5.3

    MEDIUM
    CVE-2017-6646

    A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Order information on an affected system. The vulnerability exists because the affected software does no... Read more

    Affected Products : remote_expert_manager
    • EPSS Score: %0.37
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-6636

    A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to view any file on an affected system. The vulnerability exists because the affected software do... Read more

    Affected Products : prime_collaboration_provisioning
    • EPSS Score: %3.77
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17617

    Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter.... Read more

    Affected Products : foodspotting_clone_script
    • EPSS Score: %2.51
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17616

    Event Search Script 1.0 has SQL Injection via the /event-list city parameter.... Read more

    Affected Products : event_calendar_category_script
    • EPSS Score: %2.51
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17609

    Chartered Accountant Booking Script 1.0 has SQL Injection via the /service-list city parameter.... Read more

    • EPSS Score: %2.51
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17596

    Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.... Read more

    Affected Products : entrepreneur_job_portal_script
    • EPSS Score: %2.51
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17586

    FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter.... Read more

    Affected Products : olx_clone
    • EPSS Score: %2.38
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17585

    FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter.... Read more

    Affected Products : monster_clone
    • EPSS Score: %2.38
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-6591

    There is a cross-site scripting vulnerability in django-epiceditor 0.2.3 via crafted content in a form field.... Read more

    Affected Products : django-epiceditor
    • EPSS Score: %0.30
    • Published: Mar. 09, 2017
    • Modified: Apr. 20, 2025

  • 7.2

    HIGH
    CVE-2017-6572

    A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/add_member.php with the GET Parameter: filter_list.... Read more

    Affected Products : mail-masta
    • EPSS Score: %0.93
    • Published: Mar. 09, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6552

    Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently large default value for the maximum IPv6 routing table size: it can be filled within minutes. An attacker can exploit this issue to render the affected system unresponsive, resulting i... Read more

    Affected Products : livebox_firmware livebox
    • EPSS Score: %8.40
    • Published: Mar. 09, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-6489

    Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (element, state, cat, id, cid) passed to the EPESI-master/modules/Utils/Watchdog/subscribe.php URL.... Read more

    Affected Products : epesi
    • EPSS Score: %0.21
    • Published: Mar. 05, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-6478

    paintballrefjosh/MaNGOSWebV4 before 4.0.8 is vulnerable to a reflected XSS in install/index.php (step parameter).... Read more

    Affected Products : mangoswebv4
    • EPSS Score: %0.31
    • Published: Mar. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-17469

    TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82730008, a different vulnerability than CVE-2017-16948.... Read more

    Affected Products : vir.it_explorer
    • EPSS Score: %0.03
    • Published: Dec. 08, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291812 Results