Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-47456

    Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue req... Read more

    Affected Products : macos windows illustrator
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 5.5

    MEDIUM
    CVE-2017-5025

    FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.... Read more

    Affected Products : chrome
    • EPSS Score: %0.37
    • Published: Feb. 17, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2020-36781

    In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix reference leak when pm_runtime_get_sync fails In i2c_imx_xfer() and i2c_imx_remove(), the pm reference count is not expected to be incremented on return. However, pm_runt... Read more

    Affected Products : linux_kernel
    • Published: Feb. 28, 2024
    • Modified: Dec. 06, 2024

  • 5.5

    MEDIUM
    CVE-2017-4900

    VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.... Read more

    Affected Products : workstation_pro workstation_player
    • EPSS Score: %0.05
    • Published: Jun. 07, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-4945

    VMware Workstation (14.x and 12.x) and Fusion (10.x and 8.x) contain a guest access control vulnerability. This issue may allow program execution via Unity on locked Windows VMs. VMware Tools must be updated to 10.2.0 for each VM to resolve CVE-2017-4945.... Read more

    Affected Products : workstation mac_os_x fusion
    • EPSS Score: %0.06
    • Published: Jan. 05, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-47149

    Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.... Read more

    Affected Products : magic_os magicos
    • Published: Dec. 26, 2024
    • Modified: Jun. 05, 2025

  • 5.5

    MEDIUM
    CVE-2024-49943

    In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc_submit: add missing locking in wedged_fini Any non-wedged queue can have a zero refcount here and can be running concurrently with an async queue destroy, therefore dereferen... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Nov. 01, 2024

  • 5.5

    MEDIUM
    CVE-2024-47143

    In the Linux kernel, the following vulnerability has been resolved: dma-debug: fix a possible deadlock on radix_lock radix_lock() shouldn't be held while holding dma_hash_entry[idx].lock otherwise, there's a possible deadlock scenario when dma debug API... Read more

    Affected Products : linux_kernel
    • Published: Jan. 11, 2025
    • Modified: Feb. 03, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2024-47102

    IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service.... Read more

    Affected Products : aix vios
    • Published: Dec. 25, 2024
    • Modified: Jul. 25, 2025

  • 5.5

    MEDIUM
    CVE-2024-49857

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: set the cipher for secured NDP ranging The cipher pointer is not set, but is derefereced trying to set its content, which leads to a NULL pointer dereference. Fix it... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 22, 2024

  • 5.5

    MEDIUM
    CVE-2020-27760

    In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses... Read more

    Affected Products : debian_linux imagemagick
    • EPSS Score: %0.12
    • Published: Dec. 03, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-2729

    Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Advanced Console). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network acces... Read more

    Affected Products : identity_manager
    • EPSS Score: %0.26
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-27123

    A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to read arbitrary files on the underlying operating system of an affected device. The vulne... Read more

    Affected Products : anyconnect_secure_mobility_client
    • EPSS Score: %0.06
    • Published: Nov. 06, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-47019

    In ProtocolEmbmsSaiListAdapter::Init() of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not n... Read more

    Affected Products : android
    • Published: Oct. 25, 2024
    • Modified: Oct. 28, 2024

  • 5.5

    MEDIUM
    CVE-2024-47025

    In ppmp_protect_buf of drm_fw.c, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Oct. 25, 2024
    • Modified: Oct. 28, 2024

  • 5.5

    MEDIUM
    CVE-2020-25427

    A Null pointer dereference vulnerability exits in MP4Box - GPAC version 0.8.0-rev177-g51a8ef874-master via the gf_isom_get_track_id function, which causes a denial of service.... Read more

    Affected Products : gpac
    • EPSS Score: %0.09
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-46955

    An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.... Read more

    • Published: Nov. 10, 2024
    • Modified: Nov. 14, 2024

  • 5.5

    MEDIUM
    CVE-2020-24421

    Adobe InDesign version 15.1.2 (and earlier) is affected by a NULL pointer dereference bug that occurs when handling a malformed .indd file. The impact is limited to causing a denial-of-service of the client application. User interaction is required to exp... Read more

    Affected Products : windows indesign
    • EPSS Score: %0.49
    • Published: Oct. 21, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-23903

    A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.... Read more

    Affected Products : fedora speex
    • EPSS Score: %0.08
    • Published: Nov. 10, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-21681

    A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.... Read more

    Affected Products : fig2dev
    • EPSS Score: %0.14
    • Published: Aug. 10, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292387 Results