Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

4.3

MEDIUM

CVE-2017-5046

V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information dis...

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
6.1

MEDIUM

CVE-2017-5045

XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page....

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
6.8

MEDIUM

CVE-2017-5044

Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page....

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
8.8

HIGH

CVE-2017-5043

Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension....

Affected Products : linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
5.7

MEDIUM

CVE-2017-5042

Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe a...

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
4.3

MEDIUM

CVE-2017-5041

Google Chrome prior to 57.0.2987.100 incorrectly handled back-forward navigation, which allowed a remote attacker to display incorrect information for a site via a crafted HTML page....

Affected Products : chrome
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
4.3

MEDIUM

CVE-2017-5040

V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page....

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
7.8

HIGH

CVE-2017-5039

A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file....

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
6.8

MEDIUM

CVE-2017-5038

Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension....

Affected Products : linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
7.8

HIGH

CVE-2017-5037

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer....

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
7.8

HIGH

CVE-2017-5036

A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to have an unspecified impact via a crafted PDF file....

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
8.1

HIGH

CVE-2017-5035

Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site....

Affected Products : debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
8.8

HIGH

CVE-2017-5034

A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file....

Affected Products : linux_kernel chrome windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
4.3

MEDIUM

CVE-2017-5033

Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HT...

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
8.8

HIGH

CVE-2017-5032

PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be made to increment off the end of a buffer, which allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file....

Affected Products : chrome windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
8.8

HIGH

CVE-2017-5031

A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page....

Affected Products : firefox firefox_esr chrome windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
8.8

HIGH

CVE-2017-5030

Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page....

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Actively Exploited

Published: Apr. 24, 2017

Modified: Apr. 20, 2025
8.8

HIGH

CVE-2017-5029

The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowe...

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos libxslt windows +1 more products
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
7.8

HIGH

CVE-2016-6915

Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5....

Affected Products : shield_tablet_firmware shield_tablet_tk1_firmware shield_tv_firmware video_driver shield_tv pixel_c nexus_9 shield_tablet shield_tablet_tk1
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
3.1

LOW

CVE-2017-3626

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

Affected Products : glassfish_server
Published: Apr. 24, 2017

Modified: Apr. 20, 2025

Showing 20 of 293948 Results

Browse by Apps

Latest CVE Feed

4.3

6.1

6.8

8.8

5.7

4.3

4.3

7.8

6.8

7.8

7.8

8.1

8.8

4.3

8.8

8.8

8.8

8.8

7.8

3.1

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable