Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2016-9009

    IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647.... Read more

    Affected Products : websphere_mq
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.2

    HIGH
    CVE-2016-8998

    IBM Tivoli Storage Manager Server 7.1 could allow an authenticated user with TSM administrator privileges to cause a buffer overflow using a specially crafted SQL query and execute arbitrary code on the server. IBM Reference #: 1998747.... Read more

    Affected Products : tivoli_storage_manager
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-5669

    The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the m... Read more

    Affected Products : linux_kernel ubuntu_linux debian_linux
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6310

    An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker.... Read more

    Affected Products : debian_linux tnef
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6309

    An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker.... Read more

    Affected Products : debian_linux tnef
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6308

    An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation.... Read more

    Affected Products : debian_linux tnef
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6307

    An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacker.... Read more

    Affected Products : debian_linux tnef
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6306

    An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c."... Read more

    Affected Products : debian_linux ytnef
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6305

    An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "8 of 9. Out of Bounds read and write."... Read more

    Affected Products : debian_linux ytnef
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6304

    An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "7 of 9. Out of Bounds read."... Read more

    Affected Products : debian_linux ytnef
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6303

    An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "6 of 9. Invalid Write and Integer Overflow."... Read more

    Affected Products : debian_linux ytnef
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6302

    An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow."... Read more

    Affected Products : debian_linux ytnef
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6301

    An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "4 of 9. Out of Bounds Reads."... Read more

    Affected Products : debian_linux ytnef
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6300

    An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."... Read more

    Affected Products : debian_linux ytnef
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6299

    An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c."... Read more

    Affected Products : debian_linux ytnef
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6298

    An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."... Read more

    Affected Products : debian_linux ytnef
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6197

    The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by the r_read_le32 function.... Read more

    Affected Products : radare2
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-6196

    Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service (application crash) or possibly have unspecif... Read more

    Affected Products : afpl_ghostscript
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-6099

    Cross-site scripting (XSS) vulnerability in GetAuthDetails.html.php in PayPal PHP Merchant SDK (aka merchant-sdk-php) 3.9.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter.... Read more

    Affected Products : merchant-sdk-php
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6076

    In versions of wolfSSL before 3.10.2 the function fp_mul_comba makes it easier to extract RSA key information for a malicious user who has access to view cache on a machine.... Read more

    Affected Products : wolfssl
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293562 Results