Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

5.9

MEDIUM

CVE-2017-0273

The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0269 and CVE-2017-0280....

Affected Products : windows_10 windows_7 windows_8.1 windows_server_2008 windows_server_2012 windows_server_2016
Published: May. 12, 2017

Modified: Apr. 20, 2025
9.3

HIGH

CVE-2017-0272

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an at...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016
Published: May. 12, 2017

Modified: Apr. 20, 2025
5.9

MEDIUM

CVE-2017-0271

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 160...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016
Published: May. 12, 2017

Modified: Apr. 20, 2025
5.9

MEDIUM

CVE-2017-0270

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 160...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016
Published: May. 12, 2017

Modified: Apr. 20, 2025
5.9

MEDIUM

CVE-2017-0269

The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0273 and CVE-2017-0280....

Affected Products : windows_10 windows_7 windows_8.1 windows_server_2008 windows_server_2012 windows_server_2016
Published: May. 12, 2017

Modified: Apr. 20, 2025
5.9

MEDIUM

CVE-2017-0268

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 160...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016
Published: May. 12, 2017

Modified: Apr. 20, 2025
5.9

MEDIUM

CVE-2017-0267

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 160...

Affected Products : windows_10 windows_7 windows_8.1 windows_server_2008 windows_server_2012 windows_server_2016
Published: May. 12, 2017

Modified: Apr. 20, 2025
7.6

HIGH

CVE-2017-0266

A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability."...

Affected Products : edge
Published: May. 12, 2017

Modified: Apr. 20, 2025
9.3

HIGH

CVE-2017-0265

Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-0254 and CVE-2017-0264...

Affected Products : office powerpoint_for_mac
Published: May. 12, 2017

Modified: Apr. 20, 2025
9.3

HIGH

CVE-2017-0264

Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-0254 and CVE-2017-0265...

Affected Products : office powerpoint_for_mac
Published: May. 12, 2017

Modified: Apr. 20, 2025
7.8

HIGH

CVE-2017-0263

The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a cra...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_10_1607 windows_10_1507 windows_10_1703 +1 more products
Actively Exploited

Published: May. 12, 2017

Modified: Apr. 20, 2025
9.3

HIGH

CVE-2017-0262

Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-026...

Affected Products : office
Actively Exploited

Published: May. 12, 2017

Modified: Apr. 20, 2025
9.3

HIGH

CVE-2017-0261

Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-026...

Affected Products : office
Actively Exploited

Published: May. 12, 2017

Modified: Apr. 20, 2025
4.7

MEDIUM

CVE-2017-0259

The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows K...

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016
Published: May. 12, 2017

Modified: Apr. 20, 2025
4.7

MEDIUM

CVE-2017-0258

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive ...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016
Published: May. 12, 2017

Modified: Apr. 20, 2025
5.3

MEDIUM

CVE-2017-0256

A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests....

Affected Products : asp.net_core asp.net_model_view_controller microsoft.aspnetcore.mvc.abstractions microsoft.aspnetcore.mvc.apiexplorer microsoft.aspnetcore.mvc.cors microsoft.aspnetcore.mvc.dataannotations microsoft.aspnetcore.mvc.formatters.json microsoft.aspnetcore.mvc.formatters.xml microsoft.aspnetcore.mvc.localization microsoft.aspnetcore.mvc.razor +9 more products
Published: May. 12, 2017

Modified: Apr. 20, 2025
5.4

MEDIUM

CVE-2017-0255

Microsoft SharePoint Foundation 2013 SP1 allows an elevation of privilege vulnerability when it does not properly sanitize a specially crafted web request, aka "Microsoft SharePoint XSS Vulnerability"....

Affected Products : sharepoint_foundation office
Published: May. 12, 2017

Modified: Apr. 20, 2025
9.3

HIGH

CVE-2017-0254

Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Office for Mac 2011, Office for Mac 2016, Microsoft Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, Word 2013 RT SP1, Word 2013 SP1, Word Automation Services on...

Affected Products : office word word_viewer sharepoint_server office_web_apps office_compatibility_pack word_rt
Published: May. 12, 2017

Modified: Apr. 20, 2025
7.5

HIGH

CVE-2017-0249

An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests....

Affected Products : asp.net_core asp.net_model_view_controller microsoft.aspnetcore.mvc.abstractions microsoft.aspnetcore.mvc.apiexplorer microsoft.aspnetcore.mvc.cors microsoft.aspnetcore.mvc.dataannotations microsoft.aspnetcore.mvc.formatters.json microsoft.aspnetcore.mvc.formatters.xml microsoft.aspnetcore.mvc.localization microsoft.aspnetcore.mvc.razor +9 more products
Published: May. 12, 2017

Modified: Apr. 20, 2025
7.5

HIGH

CVE-2017-0248

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerability."...

Affected Products : .net_framework
Published: May. 12, 2017

Modified: Apr. 20, 2025

Showing 20 of 294522 Results

Browse by Apps

Latest CVE Feed

5.9

9.3

5.9

5.9

5.9

5.9

5.9

7.6

9.3

9.3

7.8

9.3

9.3

4.7

4.7

5.3

5.4

9.3

7.5

7.5

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable