Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-2507

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass ... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 8.6

    HIGH
    CVE-2016-8368

    An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, ... Read more

    • Published: Feb. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2458

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Keyboards" component. A buffer overflow allows attacker... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2016-8606

    The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack.... Read more

    Affected Products : fedora guile
    • Published: Jan. 12, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-2467

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execu... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-2470

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial... Read more

    Affected Products : iphone_os tvos safari
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 5.3

    MEDIUM
    CVE-2016-8724

    An exploitable information disclosure vulnerability exists in the serviceAgent functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted TCP query will allow an attacker to retrieve potentially sensitive information.... Read more

    Affected Products : awk-3131a_firmware awk-3131a
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-2459

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial... Read more

    Affected Products : iphone_os tvos safari
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-2475

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via... Read more

    Affected Products : iphone_os tvos safari
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 9.1

    CRITICAL
    CVE-2016-8721

    An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete co... Read more

    Affected Products : awk-3131a_firmware awk-3131a
    • Published: Apr. 20, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-2464

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial... Read more

    Affected Products : iphone_os tvos safari
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-2480

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebK... Read more

    Affected Products : itunes iphone_os safari icloud
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-2495

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to cause a denial of service (application crash) via a crafted web si... Read more

    Affected Products : iphone_os safari
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-2461

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to caus... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-2491

    Use after free vulnerability in the String.replace method JavaScriptCore in Apple Safari in iOS before 10.3 allows remote attackers to execute arbitrary code via a crafted web page, or a crafted file.... Read more

    Affected Products : iphone_os
    • Published: Jun. 27, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-2524

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "TextInput" component. It allows remote attackers ... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-2466

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial... Read more

    Affected Products : iphone_os tvos safari
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-2479

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebK... Read more

    Affected Products : itunes iphone_os tvos safari icloud windows
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-2498

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. The issue involves the "Security" component. It allows attackers to bypass intended access restrictions via an untrusted certificate.... Read more

    Affected Products : iphone_os
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2016-9147

    named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.... Read more

    Affected Products : bind
    • Published: Jan. 12, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294693 Results