Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2018-15984

    Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a... Read more

    • EPSS Score: %3.00
    • Published: Jan. 18, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-15943

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    • EPSS Score: %2.25
    • Published: Oct. 12, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-15853

    Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation.... Read more

    Affected Products : libxkbcommon xkbcommon ubuntu_linux
    • EPSS Score: %0.06
    • Published: Aug. 25, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-13095

    An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.11
    • Published: Jul. 03, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-13033

    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_... Read more

    • EPSS Score: %1.48
    • Published: Jul. 01, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-12873

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    • EPSS Score: %36.47
    • Published: Oct. 12, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-10940

    The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.02
    • Published: May. 09, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-10876

    A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.... Read more

    Affected Products : linux_kernel ubuntu_linux debian_linux
    • EPSS Score: %0.03
    • Published: Jul. 26, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-1000085

    ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victi... Read more

    Affected Products : ubuntu_linux debian_linux clamav
    • EPSS Score: %0.90
    • Published: Mar. 13, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-0760

    The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1, Windows Server 2008 R2, and Windows Server 2012 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engin... Read more

    • EPSS Score: %6.28
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-9778

    GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede ... Read more

    Affected Products : gdb
    • EPSS Score: %0.30
    • Published: Jun. 21, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-9059

    The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service (resource consumption) by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kernel dae... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.05
    • Published: May. 18, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-8687

    The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vuln... Read more

    • EPSS Score: %26.90
    • Published: Sep. 13, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-8684

    Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Dis... Read more

    • EPSS Score: %26.90
    • Published: Sep. 13, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-8544

    Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to obtain information to further compromise the user'... Read more

    • EPSS Score: %3.47
    • Published: Jun. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-8539

    The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 17... Read more

    • EPSS Score: %19.18
    • Published: May. 26, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7940

    The iw_read_gif_file function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file.... Read more

    Affected Products : imageworsener imageworsener
    • EPSS Score: %0.20
    • Published: Apr. 18, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7768

    The Mozilla Maintenance Service can be invoked by an unprivileged user to read 32 bytes of any arbitrary file on the local system by convincing the service that it is reading a status file provided by the Mozilla Windows Updater. The Mozilla Maintenance S... Read more

    Affected Products : firefox firefox_esr windows
    • EPSS Score: %0.05
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-7595

    The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.... Read more

    Affected Products : libtiff
    • EPSS Score: %0.43
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7586

    In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.... Read more

    Affected Products : libsndfile
    • EPSS Score: %0.32
    • Published: Apr. 07, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291756 Results