Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2017-9811

    The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine read and write operations, it is possible to elevate the pr... Read more

    Affected Products : anti-virus_for_linux_server
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-9810

    There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). This would allow an attacker to submit authenticated requests when an authenticated... Read more

    Affected Products : anti-virus_for_linux_server
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-9671

    A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block.... Read more

    Affected Products : alpine_linux
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-9669

    A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution by crafting a malicious APKINDEX.tar.gz file.... Read more

    Affected Products : alpine_linux
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2017-9609

    Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the map_language parameter to backend/pages/lang_settings.php.... Read more

    Affected Products : blackcat_cms
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-9340

    An attacker is logged in as a normal user and can somehow make admin to delete shared folders in ownCloud Server before 10.0.2.... Read more

    Affected Products : owncloud
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 5.3

    MEDIUM
    CVE-2017-9339

    A logical error in ownCloud Server before 10.0.2 caused disclosure of valid share tokens for public calendars. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token.... Read more

    Affected Products : owncloud
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2017-9338

    Inadequate escaping lead to XSS vulnerability in the search module in ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2. To be exploitable a user has to write or paste malicious content into the search dialog... Read more

    Affected Products : owncloud
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-8896

    ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters.... Read more

    Affected Products : owncloud
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-7947

    NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on the command line.... Read more

    Affected Products : clustered_data_ontap
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.0

    HIGH
    CVE-2017-6744

    The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to rel... Read more

    Affected Products : ios
    • Actively Exploited
    • Published: Jul. 17, 2017
    • Modified: Jul. 31, 2025

  • 9.0

    HIGH
    CVE-2017-6743

    The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to rel... Read more

    Affected Products : ios_xe ios
    • Actively Exploited
    • Published: Jul. 17, 2017
    • Modified: Jul. 31, 2025

  • 9.0

    HIGH
    CVE-2017-6742

    A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected... Read more

    Affected Products : ios_xe ios
    • Actively Exploited
    • Published: Jul. 17, 2017
    • Modified: Jul. 31, 2025

  • 9.0

    HIGH
    CVE-2017-6741

    A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected... Read more

    Affected Products : ios_xe ios
    • Published: Jul. 17, 2017
    • Modified: Jul. 31, 2025

  • 9.0

    HIGH
    CVE-2017-6740

    The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to rel... Read more

    Affected Products : ios_xe ios
    • Actively Exploited
    • Published: Jul. 17, 2017
    • Modified: Jul. 31, 2025

  • 9.0

    HIGH
    CVE-2017-6739

    A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected... Read more

    Affected Products : ios_xe ios
    • Actively Exploited
    • Published: Jul. 17, 2017
    • Modified: Jul. 31, 2025

  • 9.0

    HIGH
    CVE-2017-6738

    The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to rel... Read more

    Affected Products : ios_xe ios
    • Actively Exploited
    • Published: Jul. 17, 2017
    • Modified: Jul. 31, 2025

  • 9.0

    HIGH
    CVE-2017-6737

    A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected... Read more

    Affected Products : ios_xe ios
    • Actively Exploited
    • Published: Jul. 17, 2017
    • Modified: Jul. 31, 2025

  • 9.0

    HIGH
    CVE-2017-6736

    The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to rel... Read more

    Affected Products : ios_xe ios
    • Actively Exploited
    • Published: Jul. 17, 2017
    • Modified: Jul. 31, 2025

  • 7.5

    HIGH
    CVE-2017-9639

    An issue was discovered in Fuji Electric V-Server Version 3.3.22.0 and prior. A memory corruption vulnerability has been identified (aka improper restriction of operations within the bounds of a memory buffer), which may allow remote code execution.... Read more

    Affected Products : v-server
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294832 Results