Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.9

    MEDIUM
    CVE-2017-13864

    An issue was discovered in certain Apple products. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. The issue involves the "APNs Server" component. It allows man-in-the-middle attackers to track users by leveraging mi... Read more

    Affected Products : itunes icloud windows
    • Published: Dec. 25, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-13834

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a cra... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-13858

    An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Dec. 25, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-13829

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025

  • 2.4

    LOW
    CVE-2017-13844

    An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "Messages" component. It allows physically proximate attackers to view arbitrary photos via a Reply With Message action in the lock-screen state.... Read more

    Affected Products : iphone_os
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-13840

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-13862

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbit... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: Dec. 25, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-13848

    An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Dec. 25, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-13847

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service ... Read more

    Affected Products : mac_os_x iphone_os
    • Published: Dec. 25, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-13855

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intend... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: Dec. 25, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-13868

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intend... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: Dec. 25, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-13903

    An issue was discovered in certain Apple products. iOS before 11.2.1 is affected. tvOS before 11.2.1 is affected. The issue involves the "HomeKit" component. It allows remote attackers to modify the application state by leveraging incorrect message handli... Read more

    Affected Products : iphone_os tvos
    • Published: Dec. 25, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-13861

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "IOSurface" component. It allows attackers to execute arbitrary code in a privileged conte... Read more

    Affected Products : iphone_os tvos watchos
    • Published: Dec. 25, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-13865

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intend... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: Dec. 25, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-13872

    An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Utility" component. It allows attackers to obtain administrator access without a password via certain inter... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Nov. 29, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-13876

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbit... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: Dec. 25, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-14050

    In BlackCat CMS 1.2, backend/addons/install.php allows remote authenticated users to execute arbitrary PHP code via a ZIP archive that contains a .php file.... Read more

    Affected Products : blackcat_cms
    • Published: Aug. 31, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-14348

    LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.... Read more

    Affected Products : libraw
    • Published: Sep. 12, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13999

    A Stack-based Buffer Overflow issue was discovered in WECON LEVI Studio HMI Editor v1.8.1 and prior. Multiple stack-based buffer overflow vulnerabilities have been identified in which the application does not verify string size before copying to memory; t... Read more

    Affected Products : levi_studio_hmi_editor
    • Published: Oct. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.4

    CRITICAL
    CVE-2017-14000

    An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the application without au... Read more

    • Published: Oct. 05, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294863 Results