Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 5.7

    MEDIUM
    CVE-2024-28023

    A vulnerability exists in the message queueing mechanism that if exploited can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers with sensitive information or even execute arbitrary code.... Read more

    Affected Products :
    • Published: Jun. 11, 2024
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2024-47827

    Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controller can be made to crash on-command by any user with acce... Read more

    Affected Products : argo_workflows
    • Published: Oct. 28, 2024
    • Modified: Nov. 05, 2024
  • 5.7

    MEDIUM
    CVE-2013-5527

    The OSPF functionality in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted options in an LSA type 11 packet, aka Bug ID CSCui21030.... Read more

    Affected Products : ios_xe ios
    • Published: Oct. 10, 2013
    • Modified: Apr. 11, 2025
  • 5.7

    MEDIUM
    CVE-2020-27350

    APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions pr... Read more

    • Published: Dec. 10, 2020
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2013-5184

    The kernel in Apple Mac OS X before 10.9 does not properly check for errors during the processing of multicast Wi-Fi packets, which allows remote attackers to cause a denial of service (system crash) by leveraging presence in an 802.11 network's coverage ... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025
  • 5.7

    MEDIUM
    CVE-2020-27276

    SOOIL Developments Co Ltd DiabecareRS,AnyDana-i & AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i & AnyDana-A mobile apps doesn't use adequate measures to authenticate the communicating entities before exchanging keys, which al... Read more

    • Published: Jan. 19, 2021
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2020-27270

    SOOIL Developments CoLtd DiabecareRS, AnyDana-i ,AnyDana-A, communication protocol of the insulin pump & AnyDana-i,AnyDana-A mobile apps doesnt use adequate measures to protect encryption keys in transit which allows unauthenticated physically proximate a... Read more

    • Published: Jan. 19, 2021
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2013-4551

    Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related to "gu... Read more

    Affected Products : xen
    • Published: Nov. 18, 2013
    • Modified: Apr. 11, 2025
  • 5.7

    MEDIUM
    CVE-2020-27211

    Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against physical side channels. The flash read-out protection (APPROTECT) can be bypassed by injecting a fault during the boot phase.... Read more

    Affected Products : nrf52840_firmware nrf52840
    • Published: May. 21, 2021
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2024-24823

    Graylog is a free and open log management platform. Starting in version 4.3.0 and prior to versions 5.1.11 and 5.2.4, reauthenticating with an existing session cookie would re-use that session id, even if for different user credentials. In this case, the ... Read more

    Affected Products : graylog
    • Published: Feb. 07, 2024
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2023-51580

    BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User int... Read more

    Affected Products : bluez
    • Published: May. 03, 2024
    • Modified: Jul. 09, 2025
  • 5.7

    MEDIUM
    CVE-2013-2212

    The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service (CPU consumption and possibly hypervisor or guest kernel panic) via a crafted GFN ran... Read more

    Affected Products : xen
    • Published: Aug. 28, 2013
    • Modified: Apr. 11, 2025
  • 5.7

    MEDIUM
    CVE-2013-1935

    A certain Red Hat patch to the KVM subsystem in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly implement the PV EOI feature, which allows guest OS users to cause a denial of service (host OS crash) by ... Read more

    Affected Products : enterprise_linux
    • Published: Jul. 16, 2013
    • Modified: Apr. 11, 2025
  • 5.7

    MEDIUM
    CVE-2024-28036

    Improper conditions check for some Intel(R) Arc™ GPU may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products :
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Denial of Service
  • 5.7

    MEDIUM
    CVE-2017-13683

    In Symantec Endpoint Encryption before SEE 11.1.3HF3, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released. In obj... Read more

    Affected Products : endpoint_encryption
    • Published: Oct. 23, 2017
    • Modified: Apr. 20, 2025
  • 5.7

    MEDIUM
    CVE-2017-3276

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized block driver). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows high privileged attacker with logo... Read more

    Affected Products : solaris
    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025
  • 5.7

    MEDIUM
    CVE-2018-19665

    The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.... Read more

    Affected Products : leap qemu
    • Published: Dec. 06, 2018
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2024-23492

    A weak encoding is used to transmit credentials for WS203VICM. ... Read more

    Affected Products :
    • Published: Mar. 01, 2024
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2020-27825

    A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw co... Read more

    • Published: Dec. 11, 2020
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2024-22037

    The uyuni-server-attestation systemd service needs a database_password environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users.... Read more

    Affected Products :
    • Published: Nov. 28, 2024
    • Modified: Nov. 28, 2024
Showing 20 of 294836 Results