Latest CVE Feed

The following is the list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV List), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 5.5

    MEDIUM
    CVE-2020-8632

    In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords....

    Affected Products : debian_linux leap cloud-init
    • EPSS Score: %0.04
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2020-8446

    In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to path traversal (with write access) via crafted syscheck messages written directly to the analysisd UNIX domain socket by a local user....

    Affected Products : ossec
    • EPSS Score: %0.18
    • Published: Jan. 30, 2020
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2020-36784

    In the Linux kernel, the following vulnerability has been resolved: i2c: cadence: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in functions cdns_i2c_master_xfer and cdns_reg_slave. ...

    Affected Products : linux_kernel
    • Published: Feb. 28, 2024
    • Modified: Dec. 06, 2024
  • 5.5

    MEDIUM
    CVE-2020-29566

    An issue was discovered in Xen through 4.14.x. When they require assistance from the device model, x86 HVM guests must be temporarily de-scheduled. The device model will signal Xen when it has completed its operation, via an event channel, so that the rel...

    Affected Products : fedora debian_linux xen
    • EPSS Score: %0.07
    • Published: Dec. 15, 2020
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2020-27798

    An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file....

    Affected Products : upx upx
    • EPSS Score: %0.14
    • Published: Aug. 25, 2022
    • Modified: Apr. 11, 2025
  • 5.5

    MEDIUM
    CVE-2020-27756

    In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick and could impact ...

    Affected Products : imagemagick
    • EPSS Score: %0.13
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2020-27753

    There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial ...

    Affected Products : imagemagick
    • EPSS Score: %0.07
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2020-26571

    The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init....

    Affected Products : fedora debian_linux opensc opensc
    • EPSS Score: %0.04
    • Published: Oct. 06, 2020
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2020-25704

    A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service....

    • EPSS Score: %0.02
    • Published: Dec. 02, 2020
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2020-24736

    Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script....

    Affected Products : sqlite3
    • EPSS Score: %0.03
    • Published: Apr. 11, 2023
    • Modified: Feb. 11, 2025
  • 5.5

    MEDIUM
    CVE-2020-24502

    Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows*, may allow an authenticated user to potentially enable a denial of service via local access....

    • EPSS Score: %0.19
    • Published: Feb. 17, 2021
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2020-23856

    Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee....

    Affected Products : fedora cflow
    • EPSS Score: %0.11
    • Published: May. 18, 2021
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2020-21913

    International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp....

    • EPSS Score: %0.12
    • Published: Sep. 20, 2021
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2020-21534

    fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c....

    Affected Products : debian_linux fig2dev
    • EPSS Score: %0.11
    • Published: Sep. 16, 2021
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2020-21530

    fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c....

    Affected Products : debian_linux fig2dev
    • EPSS Score: %0.09
    • Published: Sep. 16, 2021
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2020-1993

    The GlobalProtect Portal feature in PAN-OS does not set a new session identifier after a successful user login, which allows session fixation attacks, if an attacker is able to control a user's session ID. This issue affects: All PAN-OS 7.1 and 8.0 versio...

    Affected Products : pan-os
    • EPSS Score: %0.14
    • Published: May. 13, 2020
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2020-17138

    Windows Error Reporting Information Disclosure Vulnerability...

    • EPSS Score: %0.59
    • Published: Dec. 10, 2020
    • Modified: Aug. 28, 2025
  • 5.5

    MEDIUM
    CVE-2020-17020

    Microsoft Word Security Feature Bypass Vulnerability...

    Affected Products : office word 365_apps excel
    • EPSS Score: %1.01
    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    • EPSS Score: %0.54
    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2020-16914

    An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does ...

    • EPSS Score: %0.50
    • Published: Oct. 16, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291750 Results