Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.4

    MEDIUM
    CVE-2017-3649

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with ne... Read more

    Affected Products : mysql
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-3622

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Common Desktop Environment (CDE)). The supported version that is affected is 10. Easily "exploitable" vulnerability allows low privileged attacker with logon to the... Read more

    Affected Products : solaris solaris
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 4.4

    MEDIUM
    CVE-2017-3648

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged... Read more

    Affected Products : debian_linux mysql mysql_server
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 5.3

    MEDIUM
    CVE-2017-3637

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols... Read more

    Affected Products : mysql mysql_server
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 5.3

    MEDIUM
    CVE-2017-3805

    A vulnerability in the web-based management interface of Cisco IOS and Cisco IOx Software could allow an unauthenticated, remote attacker to view confidential information that is displayed without authenticating to the device. Affected Products: This vuln... Read more

    Affected Products : iox
    • Published: Jan. 26, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-3633

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with netw... Read more

    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-3792

    A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerabi... Read more

    • Published: Feb. 01, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-3632

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: CDE Calendar). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to c... Read more

    Affected Products : solaris solaris
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-3748

    On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or "jail breaking" a device).... Read more

    • Published: Jun. 29, 2017
    • Modified: Apr. 20, 2025

  • 4.9

    MEDIUM
    CVE-2017-3645

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple p... Read more

    Affected Products : mysql mysql_server
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-3732

    There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very... Read more

    Affected Products : openssl node.js
    • Published: May. 04, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-3826

    A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) with software before 1.1(1a) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, cau... Read more

    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 7.4

    HIGH
    CVE-2017-3849

    A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause ... Read more

    Affected Products : ios_xe ios
    • Published: Mar. 21, 2017
    • Modified: Apr. 20, 2025

  • 4.9

    MEDIUM
    CVE-2017-3638

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple p... Read more

    Affected Products : mysql mysql_server
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 6.9

    MEDIUM
    CVE-2017-3749

    On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3750.... Read more

    • Published: Jun. 29, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-3832

    A vulnerability in the web management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a missing inter... Read more

    • Published: Apr. 06, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-3634

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network acces... Read more

    Affected Products : mysql
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-3761

    The Lenovo Service Framework Android application executes some system commands without proper sanitization of external input. In certain cases, this could lead to command injection which, in turn, could lead to remote code execution.... Read more

    Affected Products : service_framework
    • Published: Oct. 17, 2017
    • Modified: Apr. 20, 2025

  • 4.4

    MEDIUM
    CVE-2017-3647

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with ne... Read more

    Affected Products : mysql mysql_server
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 5.9

    MEDIUM
    CVE-2017-3738

    There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to p... Read more

    Affected Products : debian_linux openssl node.js
    • Published: Dec. 07, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293646 Results