Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.6

    MEDIUM
    CVE-2022-21239

    Out-of-bounds read in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products : quickassist_technology
    • Published: May. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2022-1172

    Null Pointer Dereference Caused Segmentation Fault in GitHub repository gpac/gpac prior to 2.1.0-DEV.... Read more

    Affected Products : gpac
    • Published: Mar. 30, 2022
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2021-43246

    Windows Hyper-V Denial of Service Vulnerability... Read more

    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2025-7396

    In wolfSSL release 5.8.2 blinding support is turned on by default for Curve25519 in applicable builds. The blinding configure option is only for the base C implementation of Curve25519. It is not needed, or available with; ARM assembly builds, Intel assem... Read more

    Affected Products : wolfssl
    • Published: Jul. 18, 2025
    • Modified: Jul. 22, 2025

  • 5.6

    MEDIUM
    CVE-2024-35195

    Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same host will continue to ignore cert verificati... Read more

    Affected Products :
    • Published: May. 20, 2024
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2023-3301

    A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause ... Read more

    Affected Products : enterprise_linux qemu
    • Published: Sep. 13, 2023
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2023-26554

    mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.... Read more

    Affected Products : ntp
    • Published: Apr. 11, 2023
    • Modified: Feb. 11, 2025

  • 5.6

    MEDIUM
    CVE-2023-26552

    mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.... Read more

    Affected Products : ntp
    • Published: Apr. 11, 2023
    • Modified: Feb. 11, 2025

  • 5.6

    MEDIUM
    CVE-2018-12130

    Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacte... Read more

    • Published: May. 30, 2019
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2021-26401

    LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.... Read more

    • Published: Mar. 11, 2022
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2018-0888

    The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2024-36357

    A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Information Disclosure

  • 5.6

    MEDIUM
    CVE-2024-36350

    A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Information Disclosure

  • 5.6

    MEDIUM
    CVE-2017-5715

    Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.... Read more

    • Published: Jan. 04, 2018
    • Modified: May. 06, 2025

  • 5.6

    MEDIUM
    CVE-2020-8833

    Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity. If fs.protected_symlinks is disabled, this can be exploited between the os.open and os.chown calls wh... Read more

    Affected Products : ubuntu_linux apport apport
    • Published: Apr. 22, 2020
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2024-47291

    Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : emui harmonyos
    • Published: Sep. 27, 2024
    • Modified: Oct. 01, 2024

  • 5.6

    MEDIUM
    CVE-2018-3620

    Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysi... Read more

    • Published: Aug. 14, 2018
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2017-3265

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privilege... Read more

    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025

  • 5.6

    MEDIUM
    CVE-2017-5754

    Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.... Read more

    • Published: Jan. 04, 2018
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2017-12549

    A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.... Read more

    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 294793 Results