Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-52522

    In the Linux kernel, the following vulnerability has been resolved: net: fix possible store tearing in neigh_periodic_work() While looking at a related syzbot report involving neigh_periodic_work(), I found that I forgot to add an annotation when deleti... Read more

    Affected Products : linux_kernel
    • Published: Mar. 02, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-35983

    In the Linux kernel, the following vulnerability has been resolved: bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS bits_per() rounds up to the next power of two when passed a power of two. This causes crashes on some machines and ... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2024
    • Modified: Jan. 16, 2025

  • 5.5

    MEDIUM
    CVE-2023-31084

    An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_even... Read more

    • EPSS Score: %0.01
    • Published: Apr. 24, 2023
    • Modified: Mar. 18, 2025

  • 5.5

    MEDIUM
    CVE-2025-21317

    Windows Kernel Memory Information Disclosure Vulnerability... Read more

    • Published: Jan. 14, 2025
    • Modified: Jan. 22, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2024-40977

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery During chip recovery (e.g. chip reset), there is a possible situation that kernel worker reset_work is holding the loc... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2025-21736

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix possible int overflows in nilfs_fiemap() Since nilfs_bmap_lookup_contig() in nilfs_fiemap() calculates its result by being prepared to go through potentially maxblocks == IN... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-21798

    In the Linux kernel, the following vulnerability has been resolved: firewire: test: Fix potential null dereference in firewire kunit test kunit_kzalloc() may return a NULL pointer, dereferencing it without NULL check may lead to NULL dereference. Add a ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2022-42859

    Multiple issues were addressed by removing the vulnerable code. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, watchOS 9.2. An app may be able to bypass Privacy preferences.... Read more

    Affected Products : macos iphone_os watchos ipados
    • EPSS Score: %0.01
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2024-0639

    A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.01
    • Published: Jan. 17, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-25108

    Foxit PDF Reader and Editor before 11.2.1 and PhantomPDF before 10.1.7 allow a NULL pointer dereference during PDF parsing because the pointer is used without proper validation.... Read more

    Affected Products : windows pdf_editor pdf_reader
    • EPSS Score: %0.16
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-8520

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to read restricted memory.... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.06
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-43295

    XPDF v4.04 was discovered to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795.... Read more

    Affected Products : xpdf
    • EPSS Score: %0.06
    • Published: Nov. 14, 2022
    • Modified: May. 13, 2025

  • 5.5

    MEDIUM
    CVE-2022-4342

    An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A malicious Maintainer can leak masked webhook secrets by c... Read more

    Affected Products : gitlab
    • EPSS Score: %1.02
    • Published: Jan. 12, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-25375

    An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory.... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.20
    • Published: Feb. 20, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2025-33065

    Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more

    • Published: Jun. 10, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2023-33174

    Windows Cryptographic Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.28
    • Published: Jul. 11, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-29458

    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to wri... Read more

    Affected Products : fedora debian_linux exiv2
    • EPSS Score: %0.10
    • Published: Apr. 19, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-42241

    In the Linux kernel, the following vulnerability has been resolved: mm/shmem: disable PMD-sized page cache if needed For shmem files, it's possible that PMD-sized page cache can't be supported by xarray. For example, 512MB page cache on ARM64 when the ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 5.5

    MEDIUM
    CVE-2021-46662

    MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery.... Read more

    Affected Products : mariadb
    • EPSS Score: %0.04
    • Published: Feb. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-43828

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fast_commit When doing fast_commit replay an infinite loop may occur due to an uninitialized extent_status struct. ext4_ext_determine_insert_hole... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 22, 2024
Showing 20 of 291335 Results