Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

5.5

MEDIUM

CVE-2013-3896

Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application, aka "Silverlight Vulnerability."...

Affected Products : silverlight
Actively Exploited

Published: Oct. 09, 2013

Modified: Apr. 11, 2025
5.5

MEDIUM

CVE-2021-27203

In Dekart Private Disk 2.15, invalid use of the Type3 user buffer for IOCTL codes using METHOD_NEITHER results in arbitrary memory dereferencing....

Affected Products : private_disk
Published: Feb. 16, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2013-1820

tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service....

Affected Products : fedora tuned
Published: Nov. 08, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-27093

Windows Kernel Information Disclosure Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products
Published: Apr. 13, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-27029

The user may be tricked into opening a malicious FBX file which may exploit a Null Pointer Dereference vulnerability in FBX's Review version 1.5.0 and prior causing the application to crash leading to a denial of service....

Affected Products : fbx_review
Published: Apr. 19, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26945

An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR....

Affected Products : openexr
Published: Jun. 08, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26927

A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service....

Affected Products : fedora jasper
Published: Feb. 23, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26869

Windows ActiveX Installer Service Information Disclosure Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +9 more products
Published: Mar. 11, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26933

An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is allowed to control whether memory accesses are bypassing the cache. This means that Xen needs to ensure that all writes (such as the ones during scrubbing) have reached the memory befor...

Affected Products : fedora debian_linux xen
Published: Feb. 17, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2012-1186

Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists be...

Affected Products : ubuntu_linux debian_linux imagemagick opensuse
Published: Jun. 05, 2012

Modified: Apr. 11, 2025
5.5

MEDIUM

CVE-2012-0532

Unspecified vulnerability in the Identity Manager component in Oracle Fusion Middleware 11.1.1.3 and 11.1.1.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to User Config Management....

Affected Products : fusion_middleware
Published: May. 03, 2012

Modified: Apr. 11, 2025
5.5

MEDIUM

CVE-2021-26579

A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of privileged information (CWE-321: Use of Hard-coded Cryptographic Key in a product). HPE has provided updates to versions 1.2009.0 and 1.2101.0 of HPE Unified...

Affected Products : unified_data_management
Published: Mar. 30, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26444

Azure RTOS Information Disclosure Vulnerability...

Affected Products : azure_real_time_operating_system
Published: Nov. 10, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26417

Windows Overlay Filter Information Disclosure Vulnerability...

Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1809 windows_10_20h2 windows_10_1909 windows_server_20h2 windows_server_1909 windows_server_2004
Published: Apr. 13, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26372

Insufficient bound checks related to PCIE in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service....

Affected Products : epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware epyc_7542_firmware +78 more products
Published: May. 11, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2011-3637

The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (OOPS) via vectors that trigger an m_start error....

Affected Products : linux_kernel enterprise_linux
Published: May. 17, 2012

Modified: Apr. 11, 2025
5.5

MEDIUM

CVE-2021-26373

Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service....

Affected Products : epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware epyc_7542_firmware +165 more products
Published: May. 11, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26437

Visual Studio Code Spoofing Vulnerability...

Affected Products : visual_studio_code
Published: Sep. 15, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26352

Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service....

Affected Products : ryzen_3_5300g_firmware ryzen_3_5300ge_firmware ryzen_5_2600_firmware ryzen_5_2600x_firmware ryzen_5_2700x_firmware ryzen_5_5600g_firmware ryzen_5_5600ge_firmware ryzen_5_5600x_firmware ryzen_7_5700g_firmware ryzen_7_5700ge_firmware +50 more products
Published: May. 10, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26364

Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service....

Affected Products : epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware epyc_7542_firmware +78 more products
Published: May. 11, 2022

Modified: Nov. 21, 2024

Showing 20 of 292870 Results

Browse by Apps

Latest CVE Feed

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable