Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

5.5

MEDIUM

CVE-2019-12455

An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL pointer dereference and sy...

Affected Products : linux_kernel
EPSS Score: %0.07

Published: May. 30, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-12382

An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system...

Affected Products : linux_kernel
EPSS Score: %0.13

Published: May. 28, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-1143

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There a...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +7 more products
EPSS Score: %0.90

Published: Aug. 14, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-1096

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'....

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows
EPSS Score: %34.56

Published: Jul. 15, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-1071

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1073....

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows
EPSS Score: %0.35

Published: Jul. 15, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-1010319

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig (wave64.c:211). The attack vector is: Maliciously crafted .wav file...

Affected Products : ubuntu_linux fedora debian_linux wavpack
EPSS Score: %1.04

Published: Jul. 11, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-1010189

mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does never terminates. The component is: g3/g32pbm.c. The attack vector is: Local, the user should open a specially crafted file. The fixed version is: 1.2.1....

Affected Products : mgetty
EPSS Score: %0.16

Published: Jul. 24, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-10021

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps....

Affected Products : xpdf
EPSS Score: %0.16

Published: Mar. 25, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-14292

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1....

Affected Products : xpdfreader
EPSS Score: %0.17

Published: Jul. 27, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-0702

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0755, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782....

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows
EPSS Score: %0.88

Published: Apr. 09, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-0621

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0661, CVE-2019-0663....

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows
EPSS Score: %0.56

Published: Mar. 05, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-0147

Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access....

Affected Products : ethernet_controller_x710-tm4_firmware ethernet_controller_x710-at2_firmware ethernet_controller_xxv710-am2_firmware ethernet_controller_xxv710-am1_firmware ethernet_controller_x710-bm2_firmware ethernet_controller_710-bm1_firmware ethernet_700_series_software ethernet_controller_x710-tm4 ethernet_controller_x710-at2 ethernet_controller_xxv710-am2 +3 more products
EPSS Score: %0.05

Published: Nov. 14, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-0146

Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access....

Affected Products : ethernet_controller_x710-tm4_firmware ethernet_controller_x710-at2_firmware ethernet_controller_xxv710-am2_firmware ethernet_controller_xxv710-am1_firmware ethernet_controller_x710-bm2_firmware ethernet_controller_710-bm1_firmware ethernet_700_series_software ethernet_controller_x710-tm4 ethernet_controller_x710-at2 ethernet_controller_xxv710-am2 +3 more products
EPSS Score: %0.16

Published: Nov. 14, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2018-8612

A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values, aka "Connected User Experiences and Telemetry Service Denial of Service Vulnerability." This affects Windows Server 2...

Affected Products : windows_10 windows_server_2016 windows_server_2019
EPSS Score: %0.35

Published: Dec. 12, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2018-8549

A security feature bypass exists when Windows incorrectly validates kernel driver signatures, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2019, Windows Serve...

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 windows_server_2019
EPSS Score: %0.26

Published: Nov. 14, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2018-8533

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing malicious XML content containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This ...

Affected Products : sql_server_management_studio
EPSS Score: %55.58

Published: Oct. 10, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2018-7822

An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause unauthorized access to SoMachine Basic resource files when logge...

Affected Products : modicon_m221_firmware somachine_basic modicon_m221
EPSS Score: %0.10

Published: May. 22, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2018-7568

The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with corrupt dw...

Affected Products : enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation binutils
EPSS Score: %0.21

Published: Feb. 28, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2018-7455

An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml....

Affected Products : xpdf
EPSS Score: %0.15

Published: Feb. 24, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2018-6921

In FreeBSD before 11.1-STABLE(r332066) and 11.1-RELEASE-p10, due to insufficient initialization of memory copied to userland in the network subsystem, small amounts of kernel memory may be disclosed to userland processes. Unprivileged authenticated local ...

Affected Products : freebsd
EPSS Score: %0.06

Published: May. 08, 2018

Modified: Nov. 21, 2024

Showing 20 of 291741 Results

Latest CVE Feed

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable