Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.0

    HIGH
    CVE-2017-6346

    Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt syste... Read more

    Affected Products : linux_kernel
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6345

    The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system cal... Read more

    Affected Products : linux_kernel
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2017-5995

    The NetApp ONTAP Select Deploy administration utility 2.0 through 2.2.1 might allow remote attackers to obtain sensitive information via unspecified vectors.... Read more

    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-9830

    The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.... Read more

    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 7.5

    HIGH
    CVE-2016-6485

    The __construct function in Framework/Encryption/Crypt.php in Magento 2 uses the PHP rand function to generate a random number for the initialization vector, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by guess... Read more

    Affected Products : magento magento2
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2016-5374

    NetApp Data ONTAP 9.0 and 9.1 before 9.1P1 allows remote authenticated users that own SMB-hosted data to bypass intended sharing restrictions by leveraging improper handling of the owner_rights ACL entry.... Read more

    Affected Products : data_ontap
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 7.0

    HIGH
    CVE-2016-10151

    The hesiod_init function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allows local users to gain privileges via the (1) HESIOD_CONFIG or (2) HES_DOMAIN environment vari... Read more

    Affected Products : hesiod
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 7.4

    HIGH
    CVE-2017-2685

    Siemens SINUMERIK Integrate Operate Clients between 2.0.3.00.016 (including) and 2.0.6 (excluding) and between 3.0.4.00.032 (including) and 3.0.6 (excluding) contain a vulnerability that could allow an attacker to read and manipulate data in TLS sessions ... Read more

    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-5981

    seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion failure and crash) via a crafted ZIP file.... Read more

    Affected Products : zziplib zziplib
    • Published: Mar. 01, 2017
    • Modified: Jul. 10, 2025

  • 5.5

    MEDIUM
    CVE-2017-5980

    The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.... Read more

    Affected Products : zziplib zziplib
    • Published: Mar. 01, 2017
    • Modified: Jul. 10, 2025

  • 5.5

    MEDIUM
    CVE-2017-5979

    The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.... Read more

    Affected Products : zziplib zziplib
    • Published: Mar. 01, 2017
    • Modified: Jul. 10, 2025

  • 5.5

    MEDIUM
    CVE-2017-5978

    The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ZIP file.... Read more

    Affected Products : zziplib zziplib
    • Published: Mar. 01, 2017
    • Modified: Jul. 10, 2025

  • 5.5

    MEDIUM
    CVE-2017-5977

    The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file.... Read more

    Affected Products : zziplib zziplib
    • Published: Mar. 01, 2017
    • Modified: Jul. 10, 2025

  • 5.5

    MEDIUM
    CVE-2017-5976

    Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.... Read more

    Affected Products : debian_linux zziplib zziplib
    • Published: Mar. 01, 2017
    • Modified: Jul. 10, 2025

  • 5.5

    MEDIUM
    CVE-2017-5975

    Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.... Read more

    Affected Products : debian_linux zziplib zziplib
    • Published: Mar. 01, 2017
    • Modified: Jul. 10, 2025

  • 5.5

    MEDIUM
    CVE-2017-5974

    Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.... Read more

    Affected Products : debian_linux zziplib zziplib
    • Published: Mar. 01, 2017
    • Modified: Jul. 10, 2025

  • 7.8

    HIGH
    CVE-2017-5886

    Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.... Read more

    Affected Products : podofo
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-5855

    The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.... Read more

    Affected Products : podofo
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-5854

    base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.... Read more

    Affected Products : podofo
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-5853

    Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.... Read more

    Affected Products : podofo
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293507 Results