Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2015-2647

    Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows... Read more

    • EPSS Score: %0.18
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2022-48659

    In the Linux kernel, the following vulnerability has been resolved: mm/slub: fix to return errno if kmalloc() fails In create_unique_id(), kmalloc(, GFP_KERNEL) can fail due to out-of-memory, if it fails, return errno correctly rather than triggering pa... Read more

    Affected Products : linux_kernel
    • Published: Apr. 28, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-9915

    Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile.... Read more

    Affected Products : imagemagick
    • EPSS Score: %0.17
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-9853

    Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.... Read more

    • EPSS Score: %0.47
    • Published: Mar. 17, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-9840

    ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.... Read more

    Affected Products : imagemagick
    • EPSS Score: %0.39
    • Published: Mar. 22, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-9816

    ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.... Read more

    Affected Products : imagemagick
    • EPSS Score: %0.40
    • Published: Mar. 30, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-9806

    ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.... Read more

    Affected Products : imagemagick
    • EPSS Score: %0.46
    • Published: Mar. 30, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-3968

    The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged.... Read more

    Affected Products : xen opensuse
    • EPSS Score: %0.41
    • Published: Jun. 05, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2024-26670

    In the Linux kernel, the following vulnerability has been resolved: arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD Currently the ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround isn't quite right, as it is supposed to be applied after the... Read more

    Affected Products : linux_kernel
    • Published: Apr. 02, 2024
    • Modified: Mar. 17, 2025

  • 5.5

    MEDIUM
    CVE-2012-1096

    NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection.... Read more

    Affected Products : debian_linux networkmanager
    • EPSS Score: %0.35
    • Published: Mar. 10, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2011-4594

    The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.17
    • Published: May. 17, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2011-2479

    The Linux kernel before 2.6.39 does not properly create transparent huge pages in response to a MAP_PRIVATE mmap system call on /dev/zero, which allows local users to cause a denial of service (system crash) via a crafted application.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Mar. 01, 2013
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2009-0992

    Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. NOTE: the previous information was obtained fr... Read more

    • EPSS Score: %0.49
    • Published: Apr. 15, 2009
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2008-3984

    Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vul... Read more

    • EPSS Score: %67.35
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2005-2456

    Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OUT, wh... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.12
    • Published: Aug. 04, 2005
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2023-52596

    In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix out of bounds access for empty sysctl registers When registering tables to the sysctl subsystem there is a check to see if header is a permanently empty directory (used for ... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2024
    • Modified: Feb. 14, 2025

  • 5.5

    MEDIUM
    CVE-2025-54233

    Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.... Read more

    Affected Products : windows framemaker
    • Published: Aug. 12, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-49658

    Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally.... Read more

    • Published: Jul. 08, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-48810

    Processor optimization removal or modification of security-critical code in Windows Secure Kernel Mode allows an authorized attacker to disclose information locally.... Read more

    Affected Products : windows_11_24h2 windows_server_2025
    • Published: Jul. 08, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-47111

    Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, ... Read more

    • Published: Jun. 10, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Denial of Service
Showing 20 of 292124 Results