Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2021-1684

    Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a sof... Read more

    • Published: Jan. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35521

    A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.... Read more

    • Published: Mar. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-27841

    There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact from this flaw is to appl... Read more

    • Published: Jan. 05, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-12975

    ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.... Read more

    • Published: Jun. 26, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-12857

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    • Published: Oct. 12, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-8106

    The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT p... Read more

    Affected Products : linux_kernel
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-11784

    The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, allows an information disclosure vulnerability when it improperly han... Read more

    • Published: Oct. 13, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2025-24191

    The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system.... Read more

    Affected Products : macos
    • Published: Mar. 31, 2025
    • Modified: Apr. 04, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2024-45819

    PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space t... Read more

    Affected Products :
    • Published: Dec. 19, 2024
    • Modified: Dec. 31, 2024

  • 5.5

    MEDIUM
    CVE-2024-42078

    In the Linux kernel, the following vulnerability has been resolved: nfsd: initialise nfsd_info.mutex early. nfsd_info.mutex can be dereferenced by svc_pool_stats_start() immediately after the new netns is created. Currently this can trigger an oops. M... Read more

    Affected Products : linux_kernel
    • Published: Jul. 29, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-38589

    In the Linux kernel, the following vulnerability has been resolved: netrom: fix possible dead-lock in nr_rt_ioctl() syzbot loves netrom, and found a possible deadlock in nr_rt_ioctl [1] Make sure we always acquire nr_node_list_lock before nr_node_lock(... Read more

    Affected Products : linux_kernel
    • Published: Jun. 19, 2024
    • Modified: Jan. 10, 2025

  • 5.5

    MEDIUM
    CVE-2024-36284

    Improper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 5.5

    MEDIUM
    CVE-2024-26687

    In the Linux kernel, the following vulnerability has been resolved: xen/events: close evtchn after mapping cleanup shutdown_pirq and startup_pirq are not taking the irq_mapping_update_lock because they can't due to lock inversion. Both are called with t... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 03, 2024
    • Modified: Mar. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-26606

    In the Linux kernel, the following vulnerability has been resolved: binder: signal epoll threads of self-work In (e)poll mode, threads often depend on I/O events to determine when data is ready for consumption. Within binder, a thread may initiate a com... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-25740

    A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.... Read more

    Affected Products : linux_kernel
    • Published: Feb. 12, 2024
    • Modified: May. 07, 2025

  • 5.5

    MEDIUM
    CVE-2023-38237

    Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigati... Read more

    • Published: Aug. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-49371

    In the Linux kernel, the following vulnerability has been resolved: driver core: fix deadlock in __device_attach In __device_attach function, The lock holding logic is as follows: ... __device_attach device_lock(dev) // get lock dev async_schedul... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Apr. 14, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2022-34236

    Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vuln... Read more

    • Published: Jul. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-1670

    Windows Projected File System FS Filter Driver Information Disclosure Vulnerability... Read more

    • Published: Jan. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-29608

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Up... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293620 Results