Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, by whether it is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 5.5

    MEDIUM
    CVE-2018-18651

    An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the...

    Affected Products : xpdf
    • EPSS Score: 0.18%
    • Published: Oct. 25, 2018
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2018-12098

    The liblnk_data_block_read function in liblnk_data_block.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted lnk file. NOTE: the vendor has disputed this as described in lib...

    Affected Products : liblnk
    • EPSS Score: 0.10%
    • Published: Jun. 19, 2018
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2017-7131

    An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive Contact card information via a crafted app.

    Affected Products : iphone_os
    • EPSS Score: 0.20%
    • Published: Oct. 23, 2017
    • Modified: Apr. 20, 2025
  • 5.5

    MEDIUM
    CVE-2017-7118

    An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service (crash) via a crafted image.

    Affected Products : iphone_os
    • EPSS Score: 0.28%
    • Published: Oct. 23, 2017
    • Modified: Apr. 20, 2025
  • 5.5

    MEDIUM
    CVE-2017-7113

    An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "UIKit" component. It allows attackers to bypass intended read restrictions for secure text fields via vectors involving a focus-change event.

    Affected Products : iphone_os
    • EPSS Score: 0.07%
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025
  • 5.5

    MEDIUM
    CVE-2017-7075

    An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Notes" component. It allows local users to obtain sensitive information by reading search results that contain locked-note content.

    Affected Products : iphone_os
    • EPSS Score: 0.05%
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2017-6982

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. The issue involves the "Notifications" component. It allows attackers to cause a denial of service via a crafted app.

    Affected Products : iphone_os
    • EPSS Score: 1.18%
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025
  • 5.5

    MEDIUM
    CVE-2017-13806

    An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Profiles" component. It does not enforce the configuration profile's settings for whether pairings are allowed.

    Affected Products : iphone_os
    • EPSS Score: 0.19%
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2016-6310

    oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0.

    Affected Products : enterprise_virtualization
    • EPSS Score: 0.13%
    • Published: Aug. 22, 2017
    • Modified: Apr. 20, 2025
  • 5.5

    MEDIUM
    CVE-2016-4719

    The GeoServices component in Apple iOS before 10 and watchOS before 3 does not properly restrict access to PlaceData information, which allows attackers to discover physical locations via a crafted application.

    Affected Products : iphone_os watchos
    • EPSS Score: 0.23%
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025
  • 5.5

    MEDIUM
    CVE-2016-4628

    IOAcceleratorFamily in Apple iOS before 9.3.3 and watchOS before 2.2.2 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via unspecified vectors.

    Affected Products : iphone_os watchos
    • EPSS Score: 0.09%
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025
  • 5.5

    MEDIUM
    CVE-2023-27939

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory.

    Affected Products : macos
    • EPSS Score: 0.06%
    • Published: Aug. 14, 2023
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2018-19887

    An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the ...

    Affected Products : freeware_advanced_audio_coder
    • EPSS Score: 0.16%
    • Published: Dec. 06, 2018
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2017-2368

    An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "Contacts" component. It allows remote attackers to cause a denial of service (application crash) via a crafted contact card.

    Affected Products : iphone_os
    • EPSS Score: 0.23%
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025
  • 5.5

    MEDIUM
    CVE-2021-33450

    An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_calloc() in nasmlib/alloc.c.

    Affected Products : netwide_assembler
    • EPSS Score: 0.05%
    • Published: Jul. 26, 2022
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2014-0083

    The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords.

    Affected Products : debian_linux net-ldap
    • EPSS Score: 0.07%
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2013-4280

    Insecure temporary file vulnerability in RedHat vsdm 4.9.6.

    • EPSS Score: 0.13%
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2011-4917

    In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat.

    Affected Products : linux_kernel
    • EPSS Score: 0.06%
    • Published: Apr. 18, 2022
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2011-4915

    fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

    Affected Products : linux_kernel ubuntu_linux debian_linux
    • EPSS Score: 0.08%
    • Published: Feb. 20, 2020
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2023-52927

    In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some s...

    Affected Products : linux_kernel
    • Published: Mar. 14, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Misconfiguration
Showing 20 of 291385 Results