Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-52435

    In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able to crash the kernel in skb_segment() [1] GSO_BY_FRAGS is a forbidden value, but unfortunately the following computa... Read more

    Affected Products : linux_kernel
    • Published: Feb. 20, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52426

    libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.... Read more

    Affected Products : libexpat sinec_nms
    • EPSS Score: %0.02
    • Published: Feb. 04, 2024
    • Modified: Jun. 17, 2025

  • 5.5

    MEDIUM
    CVE-2023-52442

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate session id and tree id in compound request `smb2_get_msg()` in smb2_get_ksmbd_tcon() and smb2_check_user_session() will always return the first request smb2 header in a ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 21, 2024
    • Modified: Dec. 12, 2024

  • 5.5

    MEDIUM
    CVE-2023-47076

    Adobe InDesign versions 19.0 (and earlier) and 17.4.2 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the c... Read more

    Affected Products : macos windows indesign
    • EPSS Score: %0.09
    • Published: Dec. 13, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-47044

    Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations... Read more

    Affected Products : macos media_encoder windows
    • EPSS Score: %0.02
    • Published: Nov. 16, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-46835

    The current setup of the quarantine page tables assumes that the quarantine domain (dom_io) has been initialized with an address width of DEFAULT_DOMAIN_ADDRESS_WIDTH (48) and hence 4 page table levels. However dom_io being a PV domain gets the AMD-Vi IO... Read more

    Affected Products : xen
    • EPSS Score: %0.08
    • Published: Jan. 05, 2024
    • Modified: Jun. 17, 2025

  • 5.5

    MEDIUM
    CVE-2023-46316

    In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines.... Read more

    Affected Products : debian_linux traceroute
    • EPSS Score: %0.04
    • Published: Oct. 25, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-46001

    Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isom_read.c:2807:51 function in gf_isom_get_user_data.... Read more

    Affected Products : gpac
    • EPSS Score: %0.06
    • Published: Nov. 07, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-44346

    Adobe InDesign versions ID18.5 (and earlier) and ID17.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR... Read more

    Affected Products : macos windows indesign
    • Published: Feb. 29, 2024
    • Modified: Dec. 02, 2024

  • 5.5

    MEDIUM
    CVE-2023-44340

    Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigati... Read more

    • EPSS Score: %0.08
    • Published: Nov. 16, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-43485

    When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged in plaintext in the audit log.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.... Read more

    • EPSS Score: %0.23
    • Published: Oct. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-42888

    The issue was addressed with improved checks. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. Processing a maliciously crafted image may result in... Read more

    Affected Products : macos iphone_os watchos ipados
    • EPSS Score: %0.02
    • Published: Jan. 23, 2024
    • Modified: Jun. 16, 2025

  • 5.5

    MEDIUM
    CVE-2023-42366

    A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159.... Read more

    Affected Products : busybox
    • EPSS Score: %0.02
    • Published: Nov. 27, 2023
    • Modified: Dec. 06, 2024

  • 5.5

    MEDIUM
    CVE-2023-42365

    A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function.... Read more

    Affected Products : busybox
    • EPSS Score: %0.03
    • Published: Nov. 27, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-42364

    A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.... Read more

    Affected Products : busybox
    • EPSS Score: %0.03
    • Published: Nov. 27, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-4194

    A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem ... Read more

    • EPSS Score: %0.01
    • Published: Aug. 07, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-38559

    A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.... Read more

    • EPSS Score: %0.02
    • Published: Aug. 01, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-38243

    Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations s... Read more

    • EPSS Score: %0.06
    • Published: Aug. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-38238

    Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations s... Read more

    • EPSS Score: %0.09
    • Published: Aug. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-37732

    Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file.... Read more

    Affected Products : yasm
    • EPSS Score: %0.03
    • Published: Jul. 26, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 291808 Results