Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2017-3000

    Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure.... Read more

    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-8397

    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing reloc(s) with negative addresses. This v... Read more

    Affected Products : binutils
    • Published: May. 01, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-8442

    Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, can result in the Elasticsearch _nodes API leaking sensitive configuration information, such as the paths and passphrases of SSL keys that were configured as part of an authentication re... Read more

    Affected Products : x-pack
    • Published: Jul. 07, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-2981

    Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : digital_editions
    • Published: Feb. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.0

    MEDIUM
    CVE-2017-8478

    The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via ... Read more

    • Published: Jun. 15, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-3008

    Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a reflected cross-site scripting vulnerability.... Read more

    Affected Products : coldfusion
    • Published: Apr. 27, 2017
    • Modified: Apr. 20, 2025

  • 5.0

    MEDIUM
    CVE-2017-8480

    The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via ... Read more

    • Published: Jun. 15, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-2973

    Adobe Digital Editions versions 4.5.3 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : digital_editions
    • Published: Feb. 15, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2999

    Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-3017

    Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when handling a malformed PDF file. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Apr. 12, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-8535

    The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 17... Read more

    • Published: May. 26, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-2978

    Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : digital_editions
    • Published: Feb. 15, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-3001

    Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-8569

    Microsoft SharePoint Server allows an elevation of privilege vulnerability due to the way that it sanitizes a specially crafted web request to an affected SharePoint server, aka "SharePoint Server XSS Vulnerability".... Read more

    Affected Products : sharepoint_server
    • Published: Jul. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.1

    CRITICAL
    CVE-2017-2989

    Adobe Campaign versions Build 8770 and earlier have an input validation bypass that could be exploited to read, write, or delete data from the Campaign database.... Read more

    Affected Products : campaign
    • Published: Apr. 12, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-3003

    Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code exe... Read more

    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 8.5

    HIGH
    CVE-2017-8633

    Windows Error Reporting (WER) in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability, ak... Read more

    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2990

    Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Feb. 15, 2017
    • Modified: Apr. 20, 2025

  • 9.0

    HIGH
    CVE-2017-3006

    Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications.... Read more

    Affected Products : creative_cloud windows
    • Published: Apr. 12, 2017
    • Modified: Apr. 20, 2025

  • 7.6

    HIGH
    CVE-2017-8661

    Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way affected Microsoft scripting engines render when handling objects in memory, aka "Mic... Read more

    Affected Products : edge windows_10 windows_server_2016
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294713 Results