Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2017-5358

    Stack-based buffer overflows in php_Easycom5_3_0.dll in EasyCom for PHP 4.0.0.29 allows remote attackers to execute arbitrary code via the server argument to the (1) i5_connect, (2) i5_pconnect, or (3) i5_private_connect API function.... Read more

    Affected Products : easycom_for_php
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2016-10197

    The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.... Read more

    Affected Products : debian_linux libevent
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2016-10196

    Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argumen... Read more

    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2016-10195

    The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read.... Read more

    Affected Products : debian_linux libevent
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2016-10168

    Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.... Read more

    Affected Products : libgd
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-10167

    The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.... Read more

    Affected Products : libgd
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2016-10166

    Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable.... Read more

    Affected Products : libgd
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2016-10163

    Memory leak in the vrend_renderer_context_create_internal function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) by repeatedly creating a decode context.... Read more

    Affected Products : virglrenderer
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 6.0

    MEDIUM
    CVE-2016-10155

    Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.... Read more

    Affected Products : debian_linux qemu
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6852

    Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in JasPer 2.0.10 allows remote attackers to have unspecified impact via a crafted image.... Read more

    Affected Products : jasper
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6851

    The jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows remote attackers to cause a denial of service (invalid read) via a crafted image.... Read more

    Affected Products : jasper
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6850

    The jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.... Read more

    Affected Products : jasper
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6849

    The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.... Read more

    Affected Products : podofo
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6848

    The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.... Read more

    Affected Products : podofo
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6847

    The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.... Read more

    Affected Products : podofo
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6846

    The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace function in graphicsstack.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.... Read more

    Affected Products : podofo
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6845

    The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.... Read more

    Affected Products : podofo
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6844

    Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.... Read more

    Affected Products : podofo
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6843

    Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.... Read more

    Affected Products : podofo
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6842

    The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.... Read more

    Affected Products : podofo
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293555 Results