Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.6

    MEDIUM
    CVE-2024-56827

    A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior.... Read more

    Affected Products : enterprise_linux openjpeg
    • Published: Jan. 09, 2025
    • Modified: May. 13, 2025
    • Vuln Type: Memory Corruption

  • 5.6

    MEDIUM
    CVE-2019-18373

    Norton App Lock, prior to 1.4.0.503, may be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking other apps on the device, thereby allowing the individual to gain ac... Read more

    Affected Products : norton_app_lock
    • Published: Nov. 18, 2019
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2025-47808

    In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.... Read more

    Affected Products : gstreamer
    • Published: Aug. 07, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Denial of Service

  • 5.6

    MEDIUM
    CVE-2025-23392

    A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in spacewalk-java allows execution of arbitrary Javascript code on target systems.This issue affects Container suse/manager/5.0/x86_64/server:5.0.4.7.19.1: from ... Read more

    Affected Products :
    • Published: May. 26, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.6

    MEDIUM
    CVE-2019-15902

    A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ... Read more

    • Published: Sep. 04, 2019
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2023-52768

    In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: use vmm_table as array in wilc struct Enabling KASAN and running some iperf tests raises some memory issues with vmm_table: BUG: KASAN: slab-out-of-bounds in wilc_wlan_... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Apr. 02, 2025

  • 5.6

    MEDIUM
    CVE-2019-11091

    Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A li... Read more

    • Published: May. 30, 2019
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2012-3498

    PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->inde... Read more

    Affected Products : xen xenserver
    • Published: Nov. 23, 2012
    • Modified: Apr. 11, 2025

  • 5.6

    MEDIUM
    CVE-2025-57572

    Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the onlineList parameter in goform/setParentControl.... Read more

    Affected Products : f3_firmware f3
    • Published: Sep. 10, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 5.6

    MEDIUM
    CVE-2025-57570

    Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the QosList parameter in goform/setQoS.... Read more

    Affected Products : f3_firmware f3
    • Published: Sep. 10, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 5.6

    MEDIUM
    CVE-2025-57569

    Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the portList parameter in /goform/setNAT.... Read more

    Affected Products : f3_firmware f3
    • Published: Sep. 10, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Injection

  • 5.6

    MEDIUM
    CVE-2025-57573

    Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi.... Read more

    Affected Products : f3_firmware f3
    • Published: Sep. 10, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 5.6

    MEDIUM
    CVE-2025-57571

    Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow. via the macFilterList parameter in goform/setNAT.... Read more

    Affected Products : f3_firmware f3
    • Published: Sep. 10, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 5.6

    MEDIUM
    CVE-2024-43546

    Windows Cryptographic Information Disclosure Vulnerability... Read more

    • Published: Oct. 08, 2024
    • Modified: Oct. 17, 2024

  • 5.6

    MEDIUM
    CVE-2023-4155

    A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an atta... Read more

    Affected Products : linux_kernel enterprise_linux fedora
    • Published: Sep. 13, 2023
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2019-1171

    An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an atta... Read more

    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2022-26356

    Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call... Read more

    Affected Products : fedora debian_linux xen
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2012-3209

    Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC, allows local users to affect integrity and availability via unknown vectors related to Logical Domain (LDOM).... Read more

    Affected Products : sunos solaris
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 5.6

    MEDIUM
    CVE-2006-2448

    Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, does not perform certain required access_ok checks, which allows local users to read arbitrary kernel memory on 64-bit systems (signal_64.c) and cause a denial of service (crash) and possi... Read more

    Affected Products : linux_kernel enterprise_linux
    • Published: Jun. 23, 2006
    • Modified: Apr. 03, 2025

  • 5.6

    MEDIUM
    CVE-2006-0755

    Multiple PHP remote file include vulnerabilities in dotProject 2.0.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary commands via the baseDir parameter in (1) db_adodb.php, (2) db_connect.php, (3) session.php, (4... Read more

    Affected Products : dotproject
    • Published: Feb. 18, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 294733 Results