Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-3478

    Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 12.0.0 and 12.1.0. Easily "exploitable" vulnerability allows low privileged at... Read more

    Affected Products : flexcube_private_banking
    • EPSS Score: %0.22
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-3479

    Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0.1 and 12.0.1. Easily "exploitable" vulnerability allows lo... Read more

    Affected Products : flexcube_private_banking
    • EPSS Score: %0.38
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2019-1325

    An elevation of privilege vulnerability exists in the Windows redirected drive buffering system (rdbss.sys) when the operating system improperly handles specific local calls within Windows 7 for 32-bit systems, aka 'Windows Redirected Drive Buffering Syst... Read more

    • EPSS Score: %0.44
    • Published: Oct. 10, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-1251

    An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1244, CVE-2019-1245.... Read more

    • EPSS Score: %1.46
    • Published: Sep. 11, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-3454

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple pr... Read more

    Affected Products : mysql mysql_server
    • EPSS Score: %0.31
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-45828

    In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request Bus cleanup path in DMA mode may trigger a RING_OP_STAT interrupt when the ring is being stopped. Depending on timing be... Read more

    Affected Products : linux_kernel
    • Published: Jan. 11, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2017-3455

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access vi... Read more

    Affected Products : mysql mysql_server
    • EPSS Score: %0.30
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2019-1154

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There a... Read more

    • EPSS Score: %0.72
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-3484

    Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Limits and Collateral). Supported versions that are affected are 12.0.0 and 12.1.0. Easily "exploitable" vu... Read more

    • EPSS Score: %0.22
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-46325

    TP-Link WR740N V6 has a stack overflow vulnerability via the ssid parameter in /userRpm/popupSiteSurveyRpm.htm url.... Read more

    Affected Products : wr740n_firmware wr740n
    • Published: Oct. 07, 2024
    • Modified: Jun. 02, 2025

  • 5.5

    MEDIUM
    CVE-2019-0560

    An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office.... Read more

    Affected Products : office office_365_proplus outlook
    • EPSS Score: %26.92
    • Published: Jan. 08, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-8104

    The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.... Read more

    Affected Products : xpdf
    • EPSS Score: %0.15
    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-7858

    Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updatin... Read more

    • EPSS Score: %0.07
    • Published: Mar. 12, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-7730

    An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function.... Read more

    Affected Products : ubuntu_linux debian_linux exempi
    • EPSS Score: %0.35
    • Published: Mar. 06, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-7570

    The assign_file_positions_for_non_load_sections function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application... Read more

    Affected Products : binutils
    • EPSS Score: %0.47
    • Published: Feb. 28, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-5296

    In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.... Read more

    Affected Products : podofo
    • EPSS Score: %0.37
    • Published: Jan. 08, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-45709

    SolarWinds Web Help Desk was susceptible to a local file read vulnerability. This vulnerability requires the software be installed on Linux and configured to use non-default development/test mode making exposure to the vulnerability very limited.... Read more

    Affected Products : web_help_desk
    • Published: Dec. 10, 2024
    • Modified: Feb. 25, 2025

  • 5.5

    MEDIUM
    CVE-2017-3304

    Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: DD). Supported versions that are affected are 7.2.27 and earlier, 7.3.16 and earlier, 7.4.14 and earlier and 7.5.5 and earlier. Easily "exploitable" vulnerability allows ... Read more

    Affected Products : mysql_cluster
    • EPSS Score: %0.36
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2018-4112

    An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "ATS" component. It allows attackers to obtain sensitive information by leveraging symlink mishandling.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %1.12
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-3288

    Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust). Supported versions that are affected are 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.1.0, 12.2.0 and 12.3.0. Easily "exploitable... Read more

    Affected Products : flexcube_investor_servicing
    • EPSS Score: %0.22
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 292495 Results