Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2015-2647

    Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows... Read more

    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2017-1596

    IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132550.... Read more

    Affected Products : security_guardium
    • Published: Dec. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-9915

    Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile.... Read more

    Affected Products : imagemagick
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-9853

    Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.... Read more

    • Published: Mar. 17, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-9840

    ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.... Read more

    Affected Products : imagemagick
    • Published: Mar. 22, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-9816

    ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.... Read more

    Affected Products : imagemagick
    • Published: Mar. 30, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-9806

    ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.... Read more

    Affected Products : imagemagick
    • Published: Mar. 30, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-1493

    IBM UrbanCode Deploy (UCD) 6.1 and 6.2 could allow an authenticated user to edit objects that they should not have access to due to improper access controls. IBM X-Force ID: 128691.... Read more

    Affected Products : urbancode_deploy
    • Published: Jan. 09, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-1441

    IBM Emptoris Services Procurement 10.0.0.5 could allow a local user to view sensitive information stored locally due to improper access control. IBM X-Force ID: 128106.... Read more

    Affected Products : emptoris_services_procurement
    • Published: Aug. 30, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-3968

    The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged.... Read more

    Affected Products : xen opensuse
    • Published: Jun. 05, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2021-23886

    Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a BSoD through suspending a process, modifying the processes memory and restarting it. This is tr... Read more

    • Published: Apr. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-23827

    Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached picture... Read more

    Affected Products : macos windows linux keybase keybase
    • Published: Feb. 23, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-23566

    The package nanoid from 3.0.0 and before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated.... Read more

    Affected Products : nanoid
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-18925

    opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d entries are mishandled and allow a symlink attack.... Read more

    Affected Products : opentmpfiles
    • Published: Oct. 26, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-23210

    A floating point exception (divide-by-zero) issue was discovered in SoX in functon read_samples() of voc.c file. An attacker with a crafted file, could cause an application to crash.... Read more

    Affected Products : sound_exchange sox
    • Published: Aug. 25, 2022
    • Modified: Jun. 27, 2025

  • 5.5

    MEDIUM
    CVE-2021-23159

    A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash.... Read more

    Affected Products : sound_exchange sox
    • Published: Aug. 25, 2022
    • Modified: Jun. 27, 2025

  • 5.5

    MEDIUM
    CVE-2012-1096

    NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection.... Read more

    Affected Products : debian_linux networkmanager
    • Published: Mar. 10, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-29626

    In FreeBSD 13.0-STABLE before n245117, 12.2-STABLE before r369551, 11.4-STABLE before r369559, 13.0-RC5 before p1, 12.2-RELEASE before p6, and 11.4-RELEASE before p9, copy-on-write logic failed to invalidate shared memory page mappings between multiple pr... Read more

    Affected Products : freebsd
    • Published: Apr. 07, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-23020

    The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and hashing algorithm which could lead to predictable keys.... Read more

    Affected Products : nginx_controller
    • Published: Jun. 01, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2011-4594

    The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference.... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 292875 Results