Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2021-46923

    In the Linux kernel, the following vulnerability has been resolved: fs/mount_setattr: always cleanup mount_kattr Make sure that finish_mount_kattr() is called after mount_kattr was succesfully built in both the success and failure case to prevent leakin... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46667

    MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash.... Read more

    Affected Products : fedora mariadb
    • EPSS Score: %0.05
    • Published: Feb. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46311

    A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_sg_destroy_routes () at scenegraph/vrml_route.c. This vulnerability can lead to a Denial of Service (DoS).... Read more

    Affected Products : gpac
    • EPSS Score: %0.14
    • Published: Jan. 21, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46236

    A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_sg_vrml_field_pointer_del () at scenegraph/vrml_tools.c. This vulnerability can lead to a Denial of Service (DoS).... Read more

    Affected Products : gpac
    • EPSS Score: %0.16
    • Published: Jan. 21, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-45480

    An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances.... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.04
    • Published: Dec. 24, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-45260

    A null pointer dereference vulnerability exists in gpac 1.1.0 in the lsr_read_id.part function, which causes a segmentation fault and application crash.... Read more

    Affected Products : gpac
    • EPSS Score: %0.15
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-45257

    An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function.... Read more

    Affected Products : netwide_assembler nasm
    • EPSS Score: %0.27
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-45052

    Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASL... Read more

    Affected Products : macos windows bridge
    • EPSS Score: %2.37
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46668

    MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures.... Read more

    Affected Products : fedora mariadb
    • EPSS Score: %0.04
    • Published: Feb. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-4441

    In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() In zynq_qspi_exec_mem_op(), kzalloc() is directly used in memset(), which could lead to a NULL pointer dere... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2024
    • Modified: Sep. 11, 2024

  • 5.5

    MEDIUM
    CVE-2021-44269

    An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in function WavpackPackSamples of file src/pack_utils.c, tainted variable cnt is too large, that makes pointer sptr read beyond heap bound.... Read more

    Affected Products : fedora wavpack
    • EPSS Score: %0.07
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-44740

    Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this... Read more

    • EPSS Score: %0.75
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-41343

    Windows Fast FAT File System Driver Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.45
    • Published: Oct. 13, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-4115

    There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing ... Read more

    • EPSS Score: %0.02
    • Published: Feb. 21, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-4183

    Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file... Read more

    • EPSS Score: %0.05
    • Published: Dec. 30, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40716

    XMP Toolkit SDK versions 2021.07 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this is... Read more

    • EPSS Score: %0.24
    • Published: Sep. 29, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40575

    The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the mpgviddmx_process function in reframe_mpgvid.c, which allows attackers to cause a denial of service. This vulnerability is possibly due to an incomplete fix for CVE-2021-4... Read more

    Affected Products : gpac
    • EPSS Score: %0.07
    • Published: Jan. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40454

    Rich Text Edit Control Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.14
    • Published: Oct. 13, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40326

    Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification.... Read more

    Affected Products : windows pdf_editor pdf_reader phantompdf
    • EPSS Score: %0.05
    • Published: Aug. 29, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-39861

    Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the ... Read more

    • EPSS Score: %1.65
    • Published: Sep. 29, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291804 Results