Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 5.5

    MEDIUM
    CVE-2022-4121

    In libetpan a null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c was found that could lead to a remote denial of service or other potential consequences.

    Affected Products : libetpan
    • EPSS Score: %0.13
    • Published: Jan. 17, 2023
    • Modified: Apr. 04, 2025
  • 5.5

    MEDIUM
    CVE-2017-1207

    IBM WebSphere Message Broker stores user credentials in clear text which can be read by a local user. IBM X-Force ID: 123777.

    • EPSS Score: %0.05
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025
  • 5.5

    MEDIUM
    CVE-2012-0512

    Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 11.1.0.7 and 11.2.0.2 and Oracle Enterprise Manager Grid Control allows remote authenticated users to affect confidentiality and integrity via unknown ve...

    Affected Products : database_server
    • EPSS Score: %0.18
    • Published: May. 03, 2012
    • Modified: Apr. 11, 2025
  • 5.5

    MEDIUM
    CVE-2018-1002100

    In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files.

    Affected Products : kubernetes
    • EPSS Score: %0.63
    • Published: Jun. 02, 2018
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2018-16542

    In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.

    • EPSS Score: %0.43
    • Published: Sep. 05, 2018
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2022-0534

    A vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place in gif_get_code() and occurs when opening a malicious GIF file, which can result in a crash (segmentation fault).

    Affected Products : debian_linux htmldoc
    • EPSS Score: %0.14
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2019-1274

    An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'.

    • EPSS Score: %0.59
    • Published: Sep. 11, 2019
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2014-1685

    The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2.2.x before 2.2.2rc1 allows remote "Zabbix Admin" users to modify the media of arbitrary users via unspecified vectors.

    Affected Products : fedora zabbix
    • EPSS Score: %0.39
    • Published: May. 08, 2014
    • Modified: Apr. 12, 2025
  • 5.5

    MEDIUM
    CVE-2018-20535

    There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during a line-number increment attempt.

    Affected Products : netwide_assembler nasm
    • EPSS Score: %0.13
    • Published: Dec. 28, 2018
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2016-10713

    An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.

    Affected Products : patch
    • EPSS Score: %0.48
    • Published: Feb. 13, 2018
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2017-11551

    The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (OOM) via a crafted MP3 file.

    Affected Products : libid3tag
    • EPSS Score: %0.63
    • Published: Jul. 31, 2017
    • Modified: Apr. 20, 2025
  • 5.5

    MEDIUM
    CVE-2020-16307

    A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51.

    Affected Products : ubuntu_linux debian_linux ghostscript
    • EPSS Score: %0.48
    • Published: Aug. 13, 2020
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2018-5783

    In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.

    Affected Products : podofo
    • EPSS Score: %0.37
    • Published: Jan. 19, 2018
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2023-23542

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to access user-sensitive data.

    Affected Products : macos
    • EPSS Score: %0.06
    • Published: May. 08, 2023
    • Modified: Jan. 29, 2025
  • 5.5

    MEDIUM
    CVE-2022-33068

    An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

    Affected Products : fedora harfbuzz
    • EPSS Score: %0.07
    • Published: Jun. 23, 2022
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2023-43786

    A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.

    Affected Products : enterprise_linux fedora libx11
    • EPSS Score: %0.06
    • Published: Oct. 10, 2023
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2019-10723

    An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated.

    Affected Products : podofo
    • EPSS Score: %0.08
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2022-1016

    A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, un...

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.01
    • Published: Aug. 29, 2022
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2018-16999

    Netwide Assembler (NASM) 2.14rc15 has an invalid memory write (segmentation fault) in expand_smacro in preproc.c, which allows attackers to cause a denial of service via a crafted input file.

    Affected Products : netwide_assembler nasm
    • EPSS Score: %0.30
    • Published: Sep. 13, 2018
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2019-1293

    An information disclosure vulnerability exists in Windows when the Windows SMB Client kernel-mode driver fails to properly handle objects in memory, aka 'Windows SMB Client Driver Information Disclosure Vulnerability'.

    • EPSS Score: %0.96
    • Published: Sep. 11, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291222 Results