Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-6076

    In versions of wolfSSL before 3.10.2 the function fp_mul_comba makes it easier to extract RSA key information for a malicious user who has access to view cache on a machine.... Read more

    Affected Products : wolfssl
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-4135

    A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized a... Read more

    Affected Products : linux_kernel
    • Published: Jul. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40985

    A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp.... Read more

    Affected Products : debian_linux htmldoc
    • Published: Nov. 03, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40796

    Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context... Read more

    Affected Products : macos premiere_pro windows
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40790

    Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Ex... Read more

    Affected Products : macos premiere_pro windows
    • Published: Sep. 07, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40762

    Adobe Character Animator version 4.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in ... Read more

    Affected Products : macos windows character_animator
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-6011

    An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.... Read more

    • Published: Feb. 16, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-5994

    Heap-based buffer overflow in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and crash) via the num_elements parameter.... Read more

    Affected Products : virglrenderer
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-39894

    In all versions of GitLab CE/EE since version 8.0, a DNS rebinding vulnerability exists in Fogbugz importer which may be used by attackers to exploit Server Side Request Forgery attacks.... Read more

    Affected Products : gitlab
    • Published: Oct. 05, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-48241

    An issue in radare2 v5.8.0 through v5.9.4 allows a local attacker to cause a denial of service via the __bf_div function.... Read more

    Affected Products : radare2
    • Published: Oct. 30, 2024
    • Modified: Jun. 13, 2025

  • 5.5

    MEDIUM
    CVE-2017-5979

    The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.... Read more

    Affected Products : zziplib zziplib
    • Published: Mar. 01, 2017
    • Modified: Jul. 10, 2025

  • 5.5

    MEDIUM
    CVE-2024-39827

    Improper input validation in the installer for Zoom Workplace Desktop App for Windows before version 6.0.10 may allow an authenticated user to conduct a denial of service via local access.... Read more

    Affected Products : workplace_desktop
    • Published: Jul. 15, 2024
    • Modified: Aug. 05, 2025

  • 5.5

    MEDIUM
    CVE-2017-5980

    The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.... Read more

    Affected Products : zziplib zziplib
    • Published: Mar. 01, 2017
    • Modified: Jul. 10, 2025

  • 5.5

    MEDIUM
    CVE-2017-5977

    The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file.... Read more

    Affected Products : zziplib zziplib
    • Published: Mar. 01, 2017
    • Modified: Jul. 10, 2025

  • 5.5

    MEDIUM
    CVE-2017-5981

    seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion failure and crash) via a crafted ZIP file.... Read more

    Affected Products : zziplib zziplib
    • Published: Mar. 01, 2017
    • Modified: Jul. 10, 2025

  • 5.5

    MEDIUM
    CVE-2017-5974

    Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.... Read more

    Affected Products : debian_linux zziplib zziplib
    • Published: Mar. 01, 2017
    • Modified: Jul. 10, 2025

  • 5.5

    MEDIUM
    CVE-2017-5951

    The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.... Read more

    Affected Products : ghostscript
    • Published: Apr. 03, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-5957

    Stack-based buffer overflow in the vrend_decode_set_framebuffer_state function in vrend_decode.c in virglrenderer before 926b9b3460a48f6454d8bbe9e44313d86a65447f, as used in Quick Emulator (QEMU), allows a local guest users to cause a denial of service (a... Read more

    Affected Products : qemu virglrenderer
    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-36972

    Windows SMB Information Disclosure Vulnerability... Read more

    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-49999

    In the Linux kernel, the following vulnerability has been resolved: afs: Fix the setting of the server responding flag In afs_wait_for_operation(), we set transcribe the call responded flag to the server record that we used after doing the fileserver it... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 29, 2024
Showing 20 of 292803 Results