Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2017-17571

    FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords parameter.... Read more

    Affected Products : foodpanda_clone
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-17529

    af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.... Read more

    Affected Products : abiword
    • Published: Dec. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17591

    Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.... Read more

    Affected Products : realestate_crowdfunding_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-17554

    A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file.... Read more

    Affected Products : aubio
    • Published: Dec. 12, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17623

    Opensource Classified Ads Script 3.2 has SQL Injection via the advance_result.php keyword parameter.... Read more

    Affected Products : opensource_classified_ads_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17596

    Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.... Read more

    Affected Products : entrepreneur_job_portal_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 7.2

    HIGH
    CVE-2017-17558

    The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows loc... Read more

    • Published: Dec. 12, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17592

    Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.... Read more

    Affected Products : website_auction_marketplace
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17595

    Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.... Read more

    Affected Products : beauty_parlour_booking_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-17560

    An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to pl... Read more

    • Published: Dec. 12, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-17566

    An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.... Read more

    Affected Products : xen
    • Published: Dec. 12, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17579

    FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter.... Read more

    Affected Products : freelancer_clone
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17588

    FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter.... Read more

    Affected Products : imdb_clone
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17575

    FS Groupon Clone 1.0 has SQL Injection via the item_details.php id parameter or the vendor_details.php id parameter.... Read more

    Affected Products : groupon_clone
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17584

    FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.php fl_orig or fl_dest parameter.... Read more

    Affected Products : makemytrip_clone
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17607

    CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail.... Read more

    Affected Products : cms_auditor_website
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17576

    FS Gigs Script 1.0 has SQL Injection via the browse-category.php cat parameter, browse-scategory.php sc parameter, or service-provider.php ser parameter.... Read more

    Affected Products : gigs_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17604

    Entrepreneur Bus Booking Script 3.0.4 has SQL Injection via the booker_details.php sourcebus parameter.... Read more

    Affected Products : entrepreneur_bus_booking_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17641

    Resume Clone Script 2.0.5 has SQL Injection via the preview.php id parameter.... Read more

    Affected Products : resume_clone_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17585

    FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter.... Read more

    Affected Products : monster_clone
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294740 Results