Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

5.5

MEDIUM

CVE-2015-8915

bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read and crash) via crafted cpio file....

Affected Products : libarchive
EPSS Score: %0.44

Published: Sep. 20, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2015-8900

The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file....

Affected Products : imagemagick
EPSS Score: %0.38

Published: Feb. 27, 2017

Modified: Apr. 20, 2025
5.5

MEDIUM

CVE-2015-8817

QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privi...

Affected Products : qemu
EPSS Score: %0.09

Published: Dec. 29, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2015-8732

The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attac...

Affected Products : wireshark
EPSS Score: %1.00

Published: Jan. 04, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2015-8712

The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) vi...

Affected Products : wireshark
EPSS Score: %0.08

Published: Jan. 04, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2015-8714

The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via...

Affected Products : wireshark
EPSS Score: %0.08

Published: Jan. 04, 2016

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2017-20011

A vulnerability was found in WEKA INTEREST Security Scanner 1.8. It has been rated as problematic. This issue affects some unknown processing of the component HTTP Handler. The manipulation with an unknown input leads to denial of service. It is possible ...

Affected Products : interest_security_scanner
EPSS Score: %0.13

Published: Mar. 28, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2017-1784

IBM Cognos Analytics 11.0 could produce results in temporary files that contain highly sensitive information that can be read by a local user. IBM X-Force ID: 136858....

Affected Products : oncommand_insight cognos_analytics
EPSS Score: %0.15

Published: Jan. 29, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-24138

Unvalidated input in the AdRotate WordPress plugin, versions before 5.8.4, leads to Authenticated SQL injection via param "id". This requires an admin privileged user....

Affected Products : adrotate
EPSS Score: %0.87

Published: Mar. 18, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-24106

Windows DirectX Information Disclosure Vulnerability...

Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1809 windows_10_20h2 windows_10_1803 windows_10_1909 windows_server_20h2 windows_server_1909 windows_server_2004
EPSS Score: %0.28

Published: Feb. 25, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2017-20014

A vulnerability, which was classified as problematic, has been found in WEKA INTEREST Security Scanner up to 1.8. Affected by this issue is some unknown functionality of the component Webspider. The manipulation with an unknown input leads to denial of se...

Affected Products : interest_security_scanner
EPSS Score: %0.10

Published: Mar. 28, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-24084

Windows Mobile Device Management Information Disclosure Vulnerability...

Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1809 windows_10_20h2 windows_10_1909 windows_server_20h2 windows_server_1909 windows_server_2004
EPSS Score: %6.29

Published: Feb. 25, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-24107

Windows Event Tracing Information Disclosure Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products
EPSS Score: %0.49

Published: Mar. 11, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-24076

Microsoft Windows VMSwitch Information Disclosure Vulnerability...

Affected Products : windows_10 windows_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_1507 windows_10_1803 windows_10_1909 +4 more products
EPSS Score: %0.28

Published: Feb. 25, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-24079

Windows Backup Engine Information Disclosure Vulnerability...

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 +6 more products
EPSS Score: %0.32

Published: Feb. 25, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2015-2647

Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows...

Affected Products : enterprise_manager enterprise_manager_grid_control enterprise_manager_database_control enterprise_manager_plugin_for_database_control
EPSS Score: %0.18

Published: Jul. 16, 2015

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2017-1596

IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132550....

Affected Products : security_guardium
EPSS Score: %0.05

Published: Dec. 20, 2017

Modified: Apr. 20, 2025
5.5

MEDIUM

CVE-2014-9915

Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile....

Affected Products : imagemagick
EPSS Score: %0.17

Published: Mar. 23, 2017

Modified: Apr. 20, 2025
5.5

MEDIUM

CVE-2014-9853

Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file....

Affected Products : ubuntu_linux leap imagemagick opensuse linux_enterprise_server linux_enterprise_desktop linux_enterprise_software_development_kit linux_enterprise_debuginfo linux_enterprise_workstation_extension leap +1 more products
EPSS Score: %0.47

Published: Mar. 17, 2017

Modified: Apr. 20, 2025
5.5

MEDIUM

CVE-2014-9840

ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file....

Affected Products : imagemagick
EPSS Score: %0.39

Published: Mar. 22, 2017

Modified: Apr. 20, 2025

Showing 20 of 292495 Results

Browse by Apps

Latest CVE Feed

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable