Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

4.3

MEDIUM

CVE-2017-5040

V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page....

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
7.8

HIGH

CVE-2017-5039

A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file....

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
6.8

MEDIUM

CVE-2017-5038

Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension....

Affected Products : linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
7.8

HIGH

CVE-2017-5037

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer....

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
7.8

HIGH

CVE-2017-5036

A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to have an unspecified impact via a crafted PDF file....

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
8.1

HIGH

CVE-2017-5035

Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site....

Affected Products : debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
8.8

HIGH

CVE-2017-5034

A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file....

Affected Products : linux_kernel chrome windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
4.3

MEDIUM

CVE-2017-5033

Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HT...

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
8.8

HIGH

CVE-2017-5032

PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be made to increment off the end of a buffer, which allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file....

Affected Products : chrome windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
8.8

HIGH

CVE-2017-5031

A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page....

Affected Products : firefox firefox_esr chrome windows
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
8.8

HIGH

CVE-2017-5030

Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page....

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos windows
Actively Exploited

Published: Apr. 24, 2017

Modified: Apr. 20, 2025
8.8

HIGH

CVE-2017-5029

The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowe...

Affected Products : android linux_kernel debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome macos libxslt windows +1 more products
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
7.8

HIGH

CVE-2016-6915

Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5....

Affected Products : shield_tablet_firmware shield_tablet_tk1_firmware shield_tv_firmware video_driver shield_tv pixel_c nexus_9 shield_tablet shield_tablet_tk1
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
3.1

LOW

CVE-2017-3626

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

Affected Products : glassfish_server
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
8.2

HIGH

CVE-2017-3625

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Supported versions that are affected are 11.1.1.7, 11.1.1.9, 12.2.1.0, 12.2.1.1 and 12.2.1.2. Easily "exploitable" vulnerability allows una...

Affected Products : webcenter_content
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
10.0

CRITICAL

CVE-2017-3623

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel RPC). For supported versions that are affected see note. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple ...

Affected Products : solaris solaris
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
7.8

HIGH

CVE-2017-3622

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Common Desktop Environment (CDE)). The supported version that is affected is 10. Easily "exploitable" vulnerability allows low privileged attacker with logon to the...

Affected Products : solaris solaris
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
7.5

HIGH

CVE-2017-3621

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: IPC Frameworks). The supported version that is affected is AK 2013. Easily "exploitable" vulnerability allows unauthenticated attacker wi...

Affected Products : zfs_storage_appliance_kit sun_zfs_storage_appliance_kit
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
7.8

HIGH

CVE-2017-3620

Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). The supported version that is affected is Prior to 5.7. Easily "exploitable" vulnerability allows low privileged attacker with logon to the...

Affected Products : automatic_service_request
Published: Apr. 24, 2017

Modified: Apr. 20, 2025
5.5

MEDIUM

CVE-2017-3619

Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). The supported version that is affected is Prior to 5.7. Easily "exploitable" vulnerability allows low privileged attacker with logon to the...

Affected Products : automatic_service_request
Published: Apr. 24, 2017

Modified: Apr. 20, 2025

Showing 20 of 294522 Results

Browse by Apps

Latest CVE Feed

4.3

7.8

6.8

7.8

7.8

8.1

8.8

4.3

8.8

8.8

8.8

8.8

7.8

3.1

8.2

10.0

7.8

7.5

7.8

5.5

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable