Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2018-16862

    A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data inste... Read more

    • Published: Nov. 26, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-53217

    In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4_process_cb_update() @ses is initialized to NULL. If __nfsd4_find_backchannel() finds no available backchannel session, setup_callback_client() wi... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 31, 2025

  • 5.5

    MEDIUM
    CVE-2022-30162

    Windows Kernel Information Disclosure Vulnerability... Read more

    • Published: Jun. 15, 2022
    • Modified: Jan. 02, 2025

  • 5.5

    MEDIUM
    CVE-2022-30197

    Windows Kernel Information Disclosure Vulnerability... Read more

    • Published: Aug. 09, 2022
    • Modified: Jun. 24, 2025

  • 5.5

    MEDIUM
    CVE-2022-30171

    Microsoft Office Information Disclosure Vulnerability... Read more

    • Published: Jun. 15, 2022
    • Modified: Jan. 02, 2025

  • 5.5

    MEDIUM
    CVE-2022-30148

    Windows Desired State Configuration (DSC) Information Disclosure Vulnerability... Read more

    • Published: Jun. 15, 2022
    • Modified: Jan. 02, 2025

  • 5.5

    MEDIUM
    CVE-2022-2953

    LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8.... Read more

    • Published: Aug. 29, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-2941

    The WP-UserOnline plugin for WordPress has multiple Stored Cross-Site Scripting vulnerabilities in versions up to, and including 2.88.0. This is due to the fact that all fields in the "Naming Conventions" section do not properly sanitize user input, nor e... Read more

    Affected Products : wp-useronline
    • Published: Sep. 06, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2022-30172

    Microsoft Office Information Disclosure Vulnerability... Read more

    • Published: Jun. 15, 2022
    • Modified: Jan. 02, 2025

  • 5.5

    MEDIUM
    CVE-2022-2905

    An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.... Read more

    • Published: Sep. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-53210

    In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() Passing MSG_PEEK flag to skb_recv_datagram() increments skb refcount (skb->users) and iucv_sock_recvmsg() does not decreme... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 14, 2025

  • 5.5

    MEDIUM
    CVE-2021-30199

    In filters/reframe_latm.c in GPAC 1.0.1 there is a Null Pointer Dereference, when gf_filter_pck_get_data is called. The first arg pck may be null with a crafted mp4 file,which results in a crash.... Read more

    Affected Products : gpac
    • Published: Apr. 19, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-2806

    It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6, ovirt-log-collector-4.4.7-2.el8ev... Read more

    Affected Products : sos log_collector sosreport
    • Published: Sep. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-53207

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible deadlocks This fixes possible deadlocks like the following caused by hci_cmd_sync_dequeue causing the destroy function to run: INFO: task kworker/u19:0:1... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 08, 2025

  • 5.5

    MEDIUM
    CVE-2024-53188

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix crash when unbinding If there is an error during some initialization related to firmware, the function ath12k_dp_cc_cleanup is called to release resources. However thi... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 15, 2025

  • 5.5

    MEDIUM
    CVE-2022-2476

    A null pointer dereference bug was found in wavpack-5.4.0 The results from the ASAN log: AddressSanitizer:DEADLYSIGNAL ===================================================================84257==ERROR: AddressSanitizer: SEGV on unknown address 0x00000000000... Read more

    Affected Products : fedora wavpack
    • Published: Jul. 19, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-2416

    In affected versions of Octopus Deploy it is possible for a low privileged guest user to craft a request that allows enumeration/recon of an environment.... Read more

    Affected Products : octopus_server
    • Published: Aug. 02, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-53209

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix receive ring space parameters when XDP is active The MTU setting at the time an XDP multi-buffer is attached determines whether the aggregation ring will be used and the rx... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: May. 22, 2025

  • 5.5

    MEDIUM
    CVE-2022-2318

    There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.... Read more

    • Published: Jul. 06, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-32613

    In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.... Read more

    Affected Products : fedora radare2
    • Published: May. 14, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293354 Results