Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-7609

    elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.... Read more

    Affected Products : elfutils
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7608

    The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.... Read more

    Affected Products : ubuntu_linux debian_linux elfutils
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7607

    The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.... Read more

    Affected Products : elfutils
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-7606

    coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other i... Read more

    Affected Products : imagemagick
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-7605

    aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file.... Read more

    Affected Products : libaacplus
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-7604

    au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file.... Read more

    Affected Products : libaacplus
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-7603

    au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file.... Read more

    Affected Products : libaacplus
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-7602

    LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.... Read more

    Affected Products : libtiff
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-7601

    LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.... Read more

    Affected Products : libtiff
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-7600

    LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted im... Read more

    Affected Products : libtiff
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-7599

    LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.... Read more

    Affected Products : libtiff
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-7598

    tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.... Read more

    Affected Products : libtiff
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-7597

    tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a c... Read more

    Affected Products : libtiff
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-7596

    LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.... Read more

    Affected Products : libtiff
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7595

    The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.... Read more

    Affected Products : libtiff
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7594

    The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.... Read more

    Affected Products : libtiff
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7593

    tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image.... Read more

    Affected Products : libtiff
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-7592

    The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.... Read more

    Affected Products : libtiff
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-7591

    OpenIDM through 4.0.0 and 4.5.0 is vulnerable to reflected cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by the _sortKeys parameter to the authzRoles script under managed/user/.... Read more

    Affected Products : openidm
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-7590

    OpenIDM through 4.0.0 and 4.5.0 is vulnerable to persistent cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by a crafted Managed Object Name.... Read more

    Affected Products : openidm
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293634 Results