Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

5.9

MEDIUM

CVE-2017-0268

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 160...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016
Published: May. 12, 2017

Modified: Apr. 20, 2025
5.9

MEDIUM

CVE-2017-0267

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 160...

Affected Products : windows_10 windows_7 windows_8.1 windows_server_2008 windows_server_2012 windows_server_2016
Published: May. 12, 2017

Modified: Apr. 20, 2025
7.6

HIGH

CVE-2017-0266

A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability."...

Affected Products : edge
Published: May. 12, 2017

Modified: Apr. 20, 2025
9.3

HIGH

CVE-2017-0265

Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-0254 and CVE-2017-0264...

Affected Products : office powerpoint_for_mac
Published: May. 12, 2017

Modified: Apr. 20, 2025
9.3

HIGH

CVE-2017-0264

Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-0254 and CVE-2017-0265...

Affected Products : office powerpoint_for_mac
Published: May. 12, 2017

Modified: Apr. 20, 2025
7.8

HIGH

CVE-2017-0263

The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a cra...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_10_1607 windows_10_1507 windows_10_1703 +1 more products
Actively Exploited

Published: May. 12, 2017

Modified: Apr. 20, 2025
9.3

HIGH

CVE-2017-0262

Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-026...

Affected Products : office
Actively Exploited

Published: May. 12, 2017

Modified: Apr. 20, 2025
9.3

HIGH

CVE-2017-0261

Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-026...

Affected Products : office
Actively Exploited

Published: May. 12, 2017

Modified: Apr. 20, 2025
4.7

MEDIUM

CVE-2017-0259

The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows K...

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016
Published: May. 12, 2017

Modified: Apr. 20, 2025
4.7

MEDIUM

CVE-2017-0258

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive ...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016
Published: May. 12, 2017

Modified: Apr. 20, 2025
5.3

MEDIUM

CVE-2017-0256

A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests....

Affected Products : asp.net_core asp.net_model_view_controller microsoft.aspnetcore.mvc.abstractions microsoft.aspnetcore.mvc.apiexplorer microsoft.aspnetcore.mvc.cors microsoft.aspnetcore.mvc.dataannotations microsoft.aspnetcore.mvc.formatters.json microsoft.aspnetcore.mvc.formatters.xml microsoft.aspnetcore.mvc.localization microsoft.aspnetcore.mvc.razor +9 more products
Published: May. 12, 2017

Modified: Apr. 20, 2025
5.4

MEDIUM

CVE-2017-0255

Microsoft SharePoint Foundation 2013 SP1 allows an elevation of privilege vulnerability when it does not properly sanitize a specially crafted web request, aka "Microsoft SharePoint XSS Vulnerability"....

Affected Products : sharepoint_foundation office
Published: May. 12, 2017

Modified: Apr. 20, 2025
9.3

HIGH

CVE-2017-0254

Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Office for Mac 2011, Office for Mac 2016, Microsoft Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, Word 2013 RT SP1, Word 2013 SP1, Word Automation Services on...

Affected Products : office word word_viewer sharepoint_server office_web_apps office_compatibility_pack word_rt
Published: May. 12, 2017

Modified: Apr. 20, 2025
7.5

HIGH

CVE-2017-0249

An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests....

Affected Products : asp.net_core asp.net_model_view_controller microsoft.aspnetcore.mvc.abstractions microsoft.aspnetcore.mvc.apiexplorer microsoft.aspnetcore.mvc.cors microsoft.aspnetcore.mvc.dataannotations microsoft.aspnetcore.mvc.formatters.json microsoft.aspnetcore.mvc.formatters.xml microsoft.aspnetcore.mvc.localization microsoft.aspnetcore.mvc.razor +9 more products
Published: May. 12, 2017

Modified: Apr. 20, 2025
7.5

HIGH

CVE-2017-0248

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerability."...

Affected Products : .net_framework
Published: May. 12, 2017

Modified: Apr. 20, 2025
7.5

HIGH

CVE-2017-0247

A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. NOTE: Microsoft has not commented on third-party claims that the issue is that the TextEncoder.EncodeCore function in the System.Text.Encodings.Web pac...

Affected Products : asp.net_core asp.net_model_view_controller microsoft.aspnetcore.mvc.abstractions microsoft.aspnetcore.mvc.apiexplorer microsoft.aspnetcore.mvc.cors microsoft.aspnetcore.mvc.dataannotations microsoft.aspnetcore.mvc.formatters.json microsoft.aspnetcore.mvc.formatters.xml microsoft.aspnetcore.mvc.localization microsoft.aspnetcore.mvc.razor +9 more products
Published: May. 12, 2017

Modified: Apr. 20, 2025
7.0

HIGH

CVE-2017-0246

The Graphics Component in the kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privi...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016
Published: May. 12, 2017

Modified: Apr. 20, 2025
4.7

MEDIUM

CVE-2017-0245

The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1 and Windows Server 2012 Gold allow a local authenticated attacker to execute a specially crafted application to obtain kernel information, aka "Win32k Information Disclosure Vuln...

Affected Products : windows_7 windows_server_2008 windows_server_2012
Published: May. 12, 2017

Modified: Apr. 20, 2025
6.9

MEDIUM

CVE-2017-0244

The kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows locally authenticated attackers to gain privileges via a crafted application, or in Windows 7 for x64-based systems, cause denial of service, aka "Windows Kernel Elevation of Privi...

Affected Products : windows_7 windows_server_2008
Published: May. 12, 2017

Modified: Apr. 20, 2025
5.5

MEDIUM

CVE-2017-0242

An information disclosure vulnerability exists in the way some ActiveX objects are instantiated, aka "Microsoft ActiveX Information Disclosure Vulnerability."...

Affected Products : windows_7 windows_server_2008
Published: May. 12, 2017

Modified: Apr. 20, 2025

Showing 20 of 294277 Results

Browse by Apps

Latest CVE Feed

5.9

5.9

7.6

9.3

9.3

7.8

9.3

9.3

4.7

4.7

5.3

5.4

9.3

7.5

7.5

7.5

7.0

4.7

6.9

5.5

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable