Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2021-46956

    In the Linux kernel, the following vulnerability has been resolved: virtiofs: fix memory leak in virtio_fs_probe() When accidentally passing twice the same tag to qemu, kmemleak ended up reporting a memory leak in virtiofs. Also, looking at the log I s... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2024
    • Modified: Dec. 06, 2024

  • 5.5

    MEDIUM
    CVE-2021-40788

    Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-s... Read more

    Affected Products : macos windows premiere_elements
    • EPSS Score: %0.41
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-32883

    A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os watchos ipados
    • EPSS Score: %0.05
    • Published: Sep. 20, 2022
    • Modified: May. 29, 2025

  • 5.5

    MEDIUM
    CVE-2016-1814

    IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.... Read more

    Affected Products : mac_os_x iphone_os tvos
    • EPSS Score: %0.24
    • Published: May. 20, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2022-35018

    Advancecomp v2.3 was discovered to contain a segmentation fault.... Read more

    Affected Products : fedora advancecomp
    • EPSS Score: %0.02
    • Published: Aug. 29, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-44674

    Windows Bluetooth Driver Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.10
    • Published: Dec. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-29532

    A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the wr... Read more

    Affected Products : firefox firefox_esr thunderbird windows
    • EPSS Score: %0.07
    • Published: Jun. 19, 2023
    • Modified: Dec. 11, 2024

  • 5.5

    MEDIUM
    CVE-2023-30300

    An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop.... Read more

    Affected Products : webassembly
    • EPSS Score: %0.02
    • Published: May. 03, 2023
    • Modified: Jan. 30, 2025

  • 5.5

    MEDIUM
    CVE-2017-6837

    WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via vectors related to a large number of coefficients.... Read more

    Affected Products : audiofile
    • EPSS Score: %2.79
    • Published: Mar. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2020-13632

    ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.... Read more

    • EPSS Score: %0.06
    • Published: May. 27, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-24504

    Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access.... Read more

    • EPSS Score: %0.09
    • Published: Feb. 17, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-2317

    Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransfo... Read more

    • EPSS Score: %0.26
    • Published: Feb. 03, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-41946

    pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either `PreparedStatement.setText(int, InputStream)` or `PreparedStatemet.setBytea(int, InputStream)` will create a temporary file if the InputStream is large... Read more

    Affected Products : debian_linux postgresql_jdbc_driver
    • EPSS Score: %0.04
    • Published: Nov. 23, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-47929

    In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc ... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.03
    • Published: Jan. 17, 2023
    • Modified: Apr. 04, 2025

  • 5.5

    MEDIUM
    CVE-2022-4269

    A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when ... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Dec. 05, 2022
    • Modified: Apr. 14, 2025

  • 5.5

    MEDIUM
    CVE-2022-48468

    protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member.... Read more

    Affected Products : protobuf-c
    • EPSS Score: %0.02
    • Published: Apr. 13, 2023
    • Modified: Feb. 07, 2025

  • 5.5

    MEDIUM
    CVE-2022-48749

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc The function performs a check on the "ctx" input parameter, however, it is used before the check. Initialize the "base" varia... Read more

    Affected Products : linux_kernel
    • Published: Jun. 20, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-11760

    An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.... Read more

    • EPSS Score: %0.39
    • Published: Apr. 14, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-3357

    A NULL pointer dereference flaw was found in the Linux kernel AMD Sensor Fusion Hub driver. This flaw allows a local user to crash the system.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Jun. 28, 2023
    • Modified: Mar. 10, 2025

  • 5.5

    MEDIUM
    CVE-2016-2529

    The iseries_check_file_type function in wiretap/iseries.c in the iSeries file parser in Wireshark 2.0.x before 2.0.2 does not consider that a line may lack the "OBJECT PROTOCOL" substring, which allows remote attackers to cause a denial of service (out-of... Read more

    Affected Products : wireshark
    • EPSS Score: %0.17
    • Published: Feb. 28, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291269 Results