Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-49492

    In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags In nvme_alloc_admin_tags, the admin_q can be set to an error (typically -ENOMEM) if the blk_mq_init_queue call fails to... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2022-49894

    In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix region HPA ordering validation Some regions may not have any address space allocated. Skip them when validating HPA order otherwise a crash like the following may result... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2022-46490

    GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c.... Read more

    Affected Products : gpac
    • EPSS Score: %0.02
    • Published: Jan. 05, 2023
    • Modified: Apr. 10, 2025

  • 5.5

    MEDIUM
    CVE-2020-25635

    A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality.... Read more

    Affected Products : ansible
    • EPSS Score: %0.14
    • Published: Oct. 05, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-14347

    A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before versio... Read more

    Affected Products : ubuntu_linux debian_linux xorg-server
    • EPSS Score: %0.02
    • Published: Aug. 05, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-7511

    poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents.... Read more

    Affected Products : poppler
    • EPSS Score: %0.24
    • Published: May. 30, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7593

    tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image.... Read more

    Affected Products : libtiff
    • EPSS Score: %0.36
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-22458

    Redis is an in-memory database that persists on disk. Authenticated users can issue a `HRANDFIELD` or `ZRANDMEMBER` command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects R... Read more

    Affected Products : redis
    • EPSS Score: %66.70
    • Published: Jan. 20, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-42842

    The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • EPSS Score: %0.04
    • Published: Oct. 25, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-14404

    An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.... Read more

    • EPSS Score: %1.00
    • Published: Jun. 17, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-44216

    Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions that may allow unauthorized local users to access the Apache and Mission Portal log files.... Read more

    Affected Products : cfengine
    • EPSS Score: %0.06
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-5797

    An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-V... Read more

    • EPSS Score: %0.05
    • Published: Nov. 28, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-50431

    sec_attest_info in drivers/accel/habanalabs/common/habanalabs_ioctl.c in the Linux kernel through 6.6.5 allows an information leak to user space because info->pad0 is not initialized.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Dec. 09, 2023
    • Modified: May. 30, 2025

  • 5.5

    MEDIUM
    CVE-2022-36314

    When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. Other operating systems are unaffecte... Read more

    Affected Products : firefox firefox_esr thunderbird windows
    • EPSS Score: %0.03
    • Published: Dec. 22, 2022
    • Modified: Apr. 15, 2025

  • 5.5

    MEDIUM
    CVE-2024-0086

    NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer. A successful exploit of this vulnerability might lead to denial of service and undefined behavior in the vGPU plugin.... Read more

    • Published: Jun. 13, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-45943

    GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).... Read more

    • EPSS Score: %0.08
    • Published: Jan. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-35891

    In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fix potential null pointer dereference In lan8814_get_sig_rx() and lan8814_get_sig_tx() ptp_parse_header() may return NULL as ptp_header due to abnormal packet type or... Read more

    Affected Products : linux_kernel
    • Published: May. 19, 2024
    • Modified: Dec. 30, 2024

  • 5.5

    MEDIUM
    CVE-2024-35925

    In the Linux kernel, the following vulnerability has been resolved: block: prevent division by zero in blk_rq_stat_sum() The expression dst->nr_samples + src->nr_samples may have zero value on overflow. It is necessary to add a check to avoid division b... Read more

    Affected Products : linux_kernel debian_linux
    • Published: May. 19, 2024
    • Modified: Dec. 31, 2024

  • 5.5

    MEDIUM
    CVE-2014-3647

    arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.... Read more

    • EPSS Score: %0.03
    • Published: Nov. 10, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2021-4155

    A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.02
    • Published: Aug. 24, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 291269 Results