Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2016-3015

    IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi... Read more

    Affected Products : cognos_analytics
    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2015-4680

    FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates.... Read more

    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2014-9829

    coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file.... Read more

    Affected Products : imagemagick
    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2017-6340

    Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 does not sanitize a rest/commonlog/report/template name field, which allows a 'Reports Only' user to inject malicious JavaScript while creating a new report. Additionally, IWS... Read more

    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-6339

    Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 mismanages certain key and certificate data. Per IWSVA documentation, by default, IWSVA acts as a private Certificate Authority (CA) and dynamically generates digital certific... Read more

    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-6338

    Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 allow an authenticated, remote user with low privileges like 'Reports Only' or 'Auditor' to change FTP Access Control Settings, create or mod... Read more

    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 9.0

    HIGH
    CVE-2016-9091

    Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with eleva... Read more

    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.2

    HIGH
    CVE-2017-6975

    Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. NOTE: because an operating system could potentially isolate itself from CVE-2017-6956 exploitation without patching Broadcom fi... Read more

    Affected Products : iphone_os
    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-6956

    On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r (FT) authentication response, leading to remote code execution via a crafted access point that sends a long R0KH-ID field in a Fast BSS Transition... Read more

    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.6

    HIGH
    CVE-2017-0339

    An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged proc... Read more

    Affected Products : android linux_kernel
    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.6

    HIGH
    CVE-2017-0332

    An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged proc... Read more

    Affected Products : android linux_kernel
    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 4.7

    MEDIUM
    CVE-2017-0330

    An information disclosure vulnerability in the NVIDIA crypto driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Pr... Read more

    Affected Products : android linux_kernel
    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.6

    HIGH
    CVE-2017-0329

    An elevation of privilege vulnerability in the NVIDIA boot and power management processor driver could enable a local malicious application to execute arbitrary code within the context of the boot and power management processor. This issue is rated as Hig... Read more

    Affected Products : android linux_kernel
    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 4.7

    MEDIUM
    CVE-2017-0328

    An information disclosure vulnerability in the NVIDIA crypto driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Pr... Read more

    Affected Products : android linux_kernel
    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.6

    HIGH
    CVE-2017-0327

    An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged proc... Read more

    Affected Products : android linux_kernel
    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.6

    HIGH
    CVE-2017-0325

    An elevation of privilege vulnerability in the NVIDIA I2C HID driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged pro... Read more

    Affected Products : android linux_kernel
    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.3

    HIGH
    CVE-2017-7358

    In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.... Read more

    Affected Products : ubuntu_linux lightdm
    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-2671

    The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by... Read more

    Affected Products : linux_kernel
    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-5649

    Apache Geode before 1.1.1, when a cluster has enabled security by setting the security-manager property, allows remote authenticated users with CLUSTER:READ but not DATA:READ permission to access the data browser page in Pulse and consequently execute an ... Read more

    Affected Products : geode
    • Published: Apr. 04, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2016-5870

    The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c in the ipc_router component for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a... Read more

    Affected Products : linux_kernel
    • Published: Apr. 04, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293698 Results