Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2021-31972

    Event Tracing for Windows Information Disclosure Vulnerability... Read more

    • Published: Jun. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-28916

    hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.... Read more

    Affected Products : debian_linux qemu
    • Published: Dec. 04, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-31960

    Windows Bind Filter Driver Information Disclosure Vulnerability... Read more

    • Published: Jun. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-27845

    There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw is to... Read more

    • Published: Jan. 05, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-27784

    A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had been freed by gprinter_free().... Read more

    Affected Products : linux_kernel
    • Published: Sep. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-27770

    Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick... Read more

    Affected Products : debian_linux imagemagick
    • Published: Dec. 04, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-27349

    Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.... Read more

    Affected Products : ubuntu_linux
    • Published: Dec. 09, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-50304

    In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() The per-netns IP tunnel hash table is protected by the RTNL mutex and ip_tunnel_find() is only called from the cont... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Feb. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-50299

    In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb() A size validation fix similar to that in Commit 50619dbf8db7 ("sctp: add size validation when walking chunks") is also required in s... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-50303

    In the Linux kernel, the following vulnerability has been resolved: resource,kexec: walk_system_ram_res_rev must retain resource flags walk_system_ram_res_rev() erroneously discards resource flags when passing the information to the callback. This caus... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 27, 2024

  • 5.5

    MEDIUM
    CVE-2024-54490

    This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Sequoia 15.2. A local attacker may gain access to user's Keychain items.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2024
    • Modified: Dec. 19, 2024

  • 5.5

    MEDIUM
    CVE-2024-50296

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when uninstalling driver When the driver is uninstalled and the VF is disabled concurrently, a kernel crash occurs. The reason is that the two actions call f... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 27, 2024

  • 5.5

    MEDIUM
    CVE-2024-50292

    In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove In case of error when requesting ctrl_chan DMA channel, ctrl_chan is not null. So the release of the dma channel le... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Jan. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-50291

    In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: add missing buffer index check dvb_vb2_expbuf() didn't check if the given buffer index was for a valid buffer. Add this check.... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 27, 2024

  • 5.5

    MEDIUM
    CVE-2024-50288

    In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix buffer overwrite when using > 32 buffers The maximum number of buffers that can be requested was increased to 64 for the video capture queue. But video capture used a ... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 27, 2024

  • 5.5

    MEDIUM
    CVE-2020-25663

    A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called. This could occur if an attacker is able to su... Read more

    Affected Products : imagemagick
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-25641

    A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local... Read more

    • Published: Oct. 06, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-50298

    In the Linux kernel, the following vulnerability has been resolved: net: enetc: allocate vf_state during PF probes In the previous implementation, vf_state is allocated memory only when VF is enabled. However, net_device_ops::ndo_set_vf_mac() may be cal... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 27, 2024

  • 5.5

    MEDIUM
    CVE-2024-50285

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbd_work_cache”. It will cause OOM i... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 27, 2024

  • 5.5

    MEDIUM
    CVE-2024-50281

    In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation When sealing or unsealing a key blob we currently do not wait for the AEAD cipher operation to finish and simply return... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 21, 2024
Showing 20 of 293353 Results