Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2014-9814

    ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file.... Read more

    Affected Products : imagemagick
    • Published: Mar. 30, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-28150

    Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi.... Read more

    Affected Products : h8922_firmware h8922
    • Published: May. 06, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-27845

    A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c... Read more

    Affected Products : jasper
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-27815

    NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash.... Read more

    Affected Products : fedora exif
    • Published: Apr. 14, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-8181

    The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.... Read more

    Affected Products : enterprise_linux enterprise_mrg
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-27807

    A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.... Read more

    • Published: Mar. 19, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-27753

    "Sametime Android PathTraversal Vulnerability"... Read more

    Affected Products : hcl_sametime
    • Published: Feb. 21, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-27639

    SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated JT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caus... Read more

    Affected Products : 3d_visual_enterprise_viewer
    • Published: Jun. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-27638

    SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated JT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caus... Read more

    Affected Products : 3d_visual_enterprise_viewer
    • Published: Jun. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-27642

    SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is cau... Read more

    Affected Products : 3d_visual_enterprise_viewer
    • Published: Jun. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-2482

    Unspecified vulnerability in the Oracle Concurrent Processing component in Oracle E-Business Suite 12.1.3, 12.2.2, and 12.2.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : e-business_suite
    • Published: Jul. 17, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2021-27562

    In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode.... Read more

    • Actively Exploited
    • Published: May. 25, 2021
    • Modified: Mar. 14, 2025

  • 5.5

    MEDIUM
    CVE-2021-27755

    "Sametime Android potential path traversal vulnerability when using File class"... Read more

    Affected Products : hcl_sametime
    • Published: Feb. 21, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-1858

    __init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file.... Read more

    Affected Products : numpy
    • Published: Jan. 08, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-27548

    There is a Null Pointer Dereference vulnerability in the XFAScanner::scanNode() function in XFAScanner.cc in xpdf 4.03.... Read more

    Affected Products : xpdf
    • Published: May. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-27492

    When opening a specially crafted 3DXML file, the application containing Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior could disclose arbitrary files to remote at... Read more

    • Published: May. 27, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-0203

    The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and syst... Read more

    Affected Products : linux_kernel linux
    • Published: Jun. 23, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2021-27347

    Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file.... Read more

    Affected Products : debian_linux long_range_zip
    • Published: Jun. 10, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-27345

    A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers to cause a denial of service (DOS) via a crafted compressed file.... Read more

    Affected Products : debian_linux long_range_zip
    • Published: Jun. 10, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-1141

    An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerabilit... Read more

    • Published: May. 21, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 292830 Results