Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.6

    HIGH
    CVE-2017-0163

    A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ... Read more

    • Published: Apr. 12, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-2539

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corrup... Read more

    Affected Products : iphone_os safari
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-2519

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to ... Read more

    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0199

    Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted documen... Read more

    • Actively Exploited
    • Published: Apr. 12, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-2549

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attac... Read more

    Affected Products : iphone_os tvos safari
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 7.0

    HIGH
    CVE-2017-0246

    The Graphics Component in the kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privi... Read more

    • Published: May. 12, 2017
    • Modified: Apr. 20, 2025

  • 7.6

    HIGH
    CVE-2017-2533

    An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "DiskArbitration" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2545

    An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "IOGraphics" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via ... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0264

    Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-0254 and CVE-2017-0265... Read more

    Affected Products : office powerpoint_for_mac
    • Published: May. 12, 2017
    • Modified: Apr. 20, 2025

  • 7.0

    HIGH
    CVE-2017-0277

    The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an at... Read more

    • Published: May. 12, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-2531

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a ... Read more

    Affected Products : iphone_os tvos safari
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2542

    An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Multi-Touch" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-0318

    All versions of NVIDIA Linux GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper validation of an input parameter may cause a denial of service on the system.... Read more

    Affected Products : freebsd solaris windows gpu_driver
    • Published: Feb. 15, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-0346

    All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the size of an input buffer is not validated, leading to denial of service or potential escalation of pri... Read more

    Affected Products : android windows gpu_driver
    • Published: May. 09, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2541

    An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) vi... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-0750

    A elevation of privilege vulnerability in the Upstream Linux file system. Product: Android. Versions: Android kernel. Android ID: A-36817013.... Read more

    Affected Products : android
    • Published: Aug. 09, 2017
    • Modified: Apr. 20, 2025

  • 8.1

    HIGH
    CVE-2017-0902

    RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls.... Read more

    • Published: Aug. 31, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2537

    An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) vi... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 7.1

    HIGH
    CVE-2017-1000061

    xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service... Read more

    Affected Products : xmlsec
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-1000099

    When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user (stdout or the application's provide callback), which could... Read more

    Affected Products : curl libcurl
    • Published: Oct. 05, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294530 Results