Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-25339

    ownCloud owncloud/android 2.20 has Incorrect Access Control for local attackers.... Read more

    Affected Products : owncloud owncloud_client
    • Published: Apr. 07, 2022
    • Modified: Mar. 26, 2025

  • 5.5

    MEDIUM
    CVE-2024-53064

    In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and wa... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 25, 2024

  • 5.5

    MEDIUM
    CVE-2022-25204

    Jenkins Doktor Plugin 0.4.1 and earlier implements functionality that allows agent processes to render files on the controller as Markdown or Asciidoc, and error messages allow attackers able to control agent processes to determine whether a file with a g... Read more

    Affected Products : doktor
    • Published: Feb. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-25051

    An Off-by-one Error occurs in cmr113_decode of rtl_433 21.12 when decoding a crafted file.... Read more

    Affected Products : rtl_433
    • Published: Mar. 02, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-53065

    In the Linux kernel, the following vulnerability has been resolved: mm/slab: fix warning caused by duplicate kmem_cache creation in kmem_buckets_create Commit b035f5a6d852 ("mm: slab: reduce the kmalloc() minimum alignment if DMA bouncing possible") red... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 25, 2024

  • 5.5

    MEDIUM
    CVE-2024-53069

    In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: fix a NULL-pointer dereference Some SCM calls can be invoked with __scm being NULL (the driver may not have been and will not be probed as there's no SCM entry in d... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 22, 2024

  • 5.5

    MEDIUM
    CVE-2022-25169

    The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.... Read more

    Affected Products : primavera_unifier tika
    • Published: May. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-25108

    Foxit PDF Reader and Editor before 11.2.1 and PhantomPDF before 10.1.7 allow a NULL pointer dereference during PDF parsing because the pointer is used without proper validation.... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-24742

    Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, any other user can view the data if browser tab remains unclosed after log out. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is availab... Read more

    Affected Products : sylius
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-53049

    In the Linux kernel, the following vulnerability has been resolved: slub/kunit: fix a WARNING due to unwrapped __kmalloc_cache_noprof 'modprobe slub_kunit' will have a warning as shown below. The root cause is that __kmalloc_cache_noprof was directly us... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 22, 2024

  • 5.5

    MEDIUM
    CVE-2022-24576

    GPAC 1.0.1 is affected by Use After Free through MP4Box.... Read more

    Affected Products : gpac
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-24493

    Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-24483

    Windows Kernel Information Disclosure Vulnerability... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-24462

    Microsoft Word Security Feature Bypass Vulnerability... Read more

    • Published: Mar. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-24350

    An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI function 0x17 verifies that the output buffer lies within the command buffer but does not verify that output data does not go beyond the end of the command buffer. ... Read more

    Affected Products : insydeh2o
    • Published: Apr. 12, 2023
    • Modified: Mar. 19, 2025

  • 5.5

    MEDIUM
    CVE-2022-24249

    A Null Pointer Dereference vulnerability exists in GPAC 1.1.0 via the xtra_box_write function in /box_code_base.c, which causes a Denial of Service. This vulnerability was fixed in commit 71f9871.... Read more

    Affected Products : gpac
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-24130

    xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text.... Read more

    Affected Products : fedora debian_linux xterm
    • Published: Jan. 31, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-24308

    Automox Agent prior to version 37 on Windows and Linux and Version 36 on OSX could allow for a non privileged user to obtain sensitive information during the install process.... Read more

    Affected Products : macos windows automox linux_kernel
    • Published: Apr. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-24055

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ... Read more

    Affected Products : dicom_viewer_pro
    • Published: Feb. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-23955

    Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.... Read more

    • Published: Mar. 02, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 293354 Results