Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2017-1228

    IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable the secure cookie attribute. An attacker could exploit this vulnerability to obtain sensi... Read more

    Affected Products : bigfix_platform
    • Published: Oct. 26, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-2699

    The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. An attacker could exploit this vulnerability to upload theme packs contai... Read more

    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-12235

    A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (Do... Read more

    • Actively Exploited
    • Published: Sep. 29, 2017
    • Modified: Apr. 20, 2025

  • 9.0

    HIGH
    CVE-2017-12230

    A vulnerability in the web-based user interface (web UI) of Cisco IOS XE 16.2 could allow an authenticated, remote attacker to elevate their privileges on an affected device. The vulnerability is due to incorrect default permission settings for new users ... Read more

    Affected Products : ios_xe
    • Published: Sep. 29, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2016-7538

    coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.... Read more

    Affected Products : imagemagick
    • Published: Apr. 20, 2017
    • Modified: Apr. 20, 2025

  • 4.9

    MEDIUM
    CVE-2016-7542

    A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) stored on the appliance via the webui REST API, and may t... Read more

    Affected Products : fortios
    • Published: Mar. 30, 2017
    • Modified: Apr. 20, 2025

  • 5.3

    MEDIUM
    CVE-2017-2414

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "DataAccess" component. It allows remote attackers to access Exchange traffic in opportunistic circumstances by leveraging a mistake in typing an e-mail... Read more

    Affected Products : iphone_os
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2449

    An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a cr... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-2457

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption... Read more

    Affected Products : iphone_os safari
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2016-7599

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to byp... Read more

    Affected Products : itunes iphone_os safari icloud
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 6.2

    MEDIUM
    CVE-2016-7609

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "AppleGraphicsPowerManagement" component. It allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2427

    An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-2437

    An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireAVC" component. It allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2016-7620

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOSurface" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-2431

    An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "CoreMedia" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) ... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-2454

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial... Read more

    Affected Products : iphone_os tvos safari
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-2471

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. watchOS before 3.2 is affected. The issue involves the "WebKit" component. A use-after-free vulnerability allows remote attackers to execute ar... Read more

    Affected Products : iphone_os watchos safari
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2016-7637

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows local users to gain privileges or cause a denial of se... Read more

    Affected Products : mac_os_x iphone_os watchos
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2016-7648

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to exe... Read more

    Affected Products : itunes iphone_os safari icloud
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-2429

    An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "FinderKit" component. It allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging unexpected pe... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294690 Results