Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2021-34771

    A vulnerability in the Cisco IOS XR Software CLI could allow an authenticated, local attacker to view more information than their privileges allow. This vulnerability is due to insufficient application of restrictions during the execution of a specific co... Read more

    Affected Products : ios_xr
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48728

    In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix AIP early init panic An early failure in hfi1_ipoib_setup_rn() can lead to the following panic: BUG: unable to handle kernel NULL pointer dereference at 00000000000001b0... Read more

    Affected Products : linux_kernel
    • Published: Jun. 20, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48718

    In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should not ever dereference the NULL pointer which drm_atomic_get_new_bridge_state is allowed to return. Assume a fixed format instead.... Read more

    Affected Products : linux_kernel
    • Published: Jun. 20, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48647

    In the Linux kernel, the following vulnerability has been resolved: sfc: fix TX channel offset when using legacy interrupts In legacy interrupt mode the tx_channel_offset was hardcoded to 1, but that's not correct if efx_sepparate_tx_channels is false. ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 28, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48629

    In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - ensure buffer for generate is completely filled The generate function in struct rng_alg expects that the destination buffer is completely filled if the function retur... Read more

    Affected Products : linux_kernel
    • Published: Mar. 05, 2024
    • Modified: Feb. 26, 2025

  • 5.5

    MEDIUM
    CVE-2021-34711

    A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability... Read more

    • Published: Oct. 06, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-45873

    systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same functio... Read more

    Affected Products : fedora systemd
    • Published: Nov. 23, 2022
    • Modified: Apr. 25, 2025

  • 5.5

    MEDIUM
    CVE-2021-34700

    A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system. This vulnerability exists because access to sensitive informati... Read more

    • Published: Jul. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48838

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: Fix use-after-free bug by not setting udc->dev.driver The syzbot fuzzer found a use-after-free bug: BUG: KASAN: use-after-free in dev_uevent+0x712/0x780 drivers/base/core.... Read more

    Affected Products : linux_kernel
    • Published: Jul. 16, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-42722

    In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.... Read more

    Affected Products : linux_kernel fedora debian_linux
    • Published: Oct. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34556

    In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locati... Read more

    Affected Products : linux_kernel fedora debian_linux
    • Published: Aug. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-39253

    Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone... Read more

    Affected Products : fedora debian_linux git xcode git
    • Published: Oct. 19, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34496

    Windows GDI Information Disclosure Vulnerability... Read more

    • Published: Jul. 14, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-38428

    Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Expl... Read more

    Affected Products : macos windows photoshop
    • Published: Sep. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-52337

    A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker coul... Read more

    • Published: Nov. 26, 2024
    • Modified: Feb. 25, 2025

  • 5.5

    MEDIUM
    CVE-2021-34454

    Windows Remote Access Connection Manager Information Disclosure Vulnerability... Read more

    • Published: Jul. 16, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34405

    NVIDIA Linux distributions contain a vulnerability in TrustZone’s TEE_Malloc function, where an unchecked return value causing a null pointer dereference may lead to denial of service.... Read more

    Affected Products : android shield_experience
    • Published: Jan. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34440

    GDI+ Information Disclosure Vulnerability... Read more

    • Published: Jul. 16, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-34252

    Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Expl... Read more

    Affected Products : macos windows incopy
    • Published: Jul. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34392

    Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the tz_map_shared_mem function can bypass boundary checks, which might lead to denial of service.... Read more

    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292826 Results