Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2017-2928

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Jan. 11, 2017
    • Modified: Apr. 20, 2025

  • 7.4

    HIGH
    CVE-2017-2912

    An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1. SSL certificates for specific domain names can cause the goclient daemon to accept a different certificate than intended. An attacker can... Read more

    • Published: Nov. 07, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2933

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Jan. 11, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-2947

    Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have a security bypass vulnerability when manipulating Form Data Format (FDF).... Read more

    • Published: Jan. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2925

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Jan. 11, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-2929

    Adobe Acrobat Chrome extension version 15.1.0.3 and earlier have a DOM-based cross-site scripting vulnerability. Successful exploitation could lead to JavaScript code execution.... Read more

    Affected Products : acrobat windows
    • Published: Jan. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-5546

    The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service (duplicate freelist entries and system crash) or possibly have unspecified other impact in opportunistic circu... Read more

    Affected Products : linux_kernel
    • Published: Feb. 06, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-5613

    Format string vulnerability in cgiemail and cgiecho allows remote attackers to execute arbitrary code via format string specifiers in a template file.... Read more

    Affected Products : cgiecho cgiemail
    • Published: Mar. 03, 2017
    • Modified: Apr. 20, 2025

  • 9.9

    CRITICAL
    CVE-2017-2917

    An exploitable vulnerability exists in the notifications functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause an OS command injection. An attacker can send an HTTP request to trigger this vulnerability.... Read more

    • Published: Nov. 07, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2932

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Jan. 11, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-5855

    The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.... Read more

    Affected Products : podofo
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2927

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Jan. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2945

    Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing TIFF image files. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Jan. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2931

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Jan. 11, 2017
    • Modified: Apr. 20, 2025

  • 4.7

    MEDIUM
    CVE-2017-5969

    libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only... Read more

    Affected Products : libxml2
    • Published: Apr. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2940

    Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing JPEG 2000 files. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Jan. 11, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-6184

    In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.... Read more

    • Published: Mar. 30, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2936

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Jan. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2950

    Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to layout functionality. Successful exploitation could lead to arbitrary code... Read more

    • Published: Jan. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2943

    Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing tags in TIFF images. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Jan. 11, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294516 Results