Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2021-46974

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the off_reg is sitting in the dst register is not correct given then we cannot just inve... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2024
    • Modified: Jan. 09, 2025

  • 5.5

    MEDIUM
    CVE-2023-52811

    In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool In practice the driver should never send more commands than are allocated to a queue's event pool. In the unlikely event t... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Apr. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-38598

    In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdo... Read more

    Affected Products : linux_kernel
    • Published: Jun. 19, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-45027

    In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check for xhci->interrupters being allocated in xhci_mem_clearup() If xhci_mem_init() fails, it calls into xhci_mem_cleanup() to mop up the damage. If it fails early enough, ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2024
    • Modified: May. 09, 2025

  • 5.5

    MEDIUM
    CVE-2017-11333

    The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file.... Read more

    Affected Products : libvorbis
    • EPSS Score: %1.19
    • Published: Jul. 31, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-21681

    Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencrypted in the global config.xml file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.... Read more

    Affected Products : nomad
    • EPSS Score: %0.02
    • Published: Aug. 31, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-5026

    hs.py in OnionShare before 0.9.1 allows local users to modify the hiddenservice by pre-creating the /tmp/onionshare directory.... Read more

    Affected Products : onionshare
    • EPSS Score: %0.06
    • Published: Jan. 30, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6299

    An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c."... Read more

    Affected Products : debian_linux ytnef
    • EPSS Score: %0.21
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-5852

    The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted file.... Read more

    Affected Products : podofo
    • EPSS Score: %0.24
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-4256

    Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This ... Read more

    • EPSS Score: %0.01
    • Published: Dec. 21, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-41069

    This issue was addressed by improving Face ID anti-spoofing models. This issue is fixed in iOS 17 and iPadOS 17. A 3D model constructed to look like the enrolled user may authenticate via Face ID.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.08
    • Published: Jan. 10, 2024
    • Modified: Jun. 17, 2025

  • 5.5

    MEDIUM
    CVE-2021-47021

    In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix memleak when mt7915_unregister_device() mt7915_tx_token_put() should get call before mt76_free_pending_txwi().... Read more

    Affected Products : linux_kernel
    • Published: Feb. 28, 2024
    • Modified: Dec. 09, 2024

  • 5.5

    MEDIUM
    CVE-2024-23267

    The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to bypass certain Privacy preferences.... Read more

    Affected Products : macos
    • Published: Mar. 08, 2024
    • Modified: Mar. 13, 2025

  • 5.5

    MEDIUM
    CVE-2017-6266

    NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where improper access controls could allow unprivileged users to cause a denial of service.... Read more

    Affected Products : android windows gpu_driver
    • EPSS Score: %0.04
    • Published: Sep. 22, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-18236

    An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file.... Read more

    Affected Products : ubuntu_linux debian_linux exempi
    • EPSS Score: %0.17
    • Published: Mar. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-0887

    An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server... Read more

    • EPSS Score: %1.17
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-56673

    In the Linux kernel, the following vulnerability has been resolved: riscv: mm: Do not call pmd dtor on vmemmap page table teardown The vmemmap's, which is used for RV64 with SPARSEMEM_VMEMMAP, page tables are populated using pmd (page middle directory) ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 06, 2025

  • 5.5

    MEDIUM
    CVE-2024-56702

    In the Linux kernel, the following vulnerability has been resolved: bpf: Mark raw_tp arguments with PTR_MAYBE_NULL Arguments to a raw tracepoint are tagged as trusted, which carries the semantics that the pointer will be non-NULL. However, in certain c... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2024
    • Modified: Feb. 03, 2025

  • 5.5

    MEDIUM
    CVE-2023-52641

    In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame() It is preferable to exit through the out: label because internal debugging functions are located there.... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Jan. 07, 2025

  • 5.5

    MEDIUM
    CVE-2020-25673

    A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.... Read more

    • EPSS Score: %0.14
    • Published: May. 26, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291625 Results