Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-11126

    The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file that is mishandled in the code for the "block_type != 2" case, ... Read more

    Affected Products : mpg123
    • EPSS Score: %0.43
    • Published: Jul. 10, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-3996

    A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-wri... Read more

    Affected Products : fedora util-linux
    • EPSS Score: %0.20
    • Published: Aug. 23, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-11358

    The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file.... Read more

    Affected Products : debian_linux sound_exchange
    • EPSS Score: %2.62
    • Published: Jul. 31, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-47546

    In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6_rule_suppress The kernel leaks memory when a `fib` rule is present in IPv6 nftables firewall rules and a suppress_prefix rule is present in the IPv6 routin... Read more

    Affected Products : linux_kernel
    • Published: May. 24, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52663

    In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: amd: Fix memory leak in amd_sof_acp_probe() Driver uses kasprintf() to initialize fw_{code,data}_bin members of struct acp_dev_data, but kfree() is never called to deallocate... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Jan. 07, 2025

  • 5.5

    MEDIUM
    CVE-2020-12966

    AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State (SEV-ES) and Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). A local authenticated attacker could potenti... Read more

    • EPSS Score: %0.07
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-0148

    Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.... Read more

    • EPSS Score: %0.16
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2008-3995

    Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_CDC_PUBLISH.... Read more

    • EPSS Score: %47.40
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2018-16435

    Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.... Read more

    • EPSS Score: %0.43
    • Published: Sep. 04, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-16403

    libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.... Read more

    Affected Products : elfutils
    • EPSS Score: %0.11
    • Published: Sep. 03, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-4121

    In libetpan a null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c was found that could lead to a remote denial of service or other potential consequences.... Read more

    Affected Products : libetpan
    • EPSS Score: %0.13
    • Published: Jan. 17, 2023
    • Modified: Apr. 04, 2025

  • 5.5

    MEDIUM
    CVE-2017-1207

    IBM WebSphere Message Broker stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 123777.... Read more

    • EPSS Score: %0.05
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2012-0512

    Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 11.1.0.7 and 11.2.0.2 and Oracle Enterprise Manager Grid Control allows remote authenticated users to affect confidentiality and integrity via unknown ve... Read more

    Affected Products : database_server
    • EPSS Score: %0.18
    • Published: May. 03, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2018-1002100

    In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files.... Read more

    Affected Products : kubernetes
    • EPSS Score: %0.63
    • Published: Jun. 02, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-16542

    In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.... Read more

    • EPSS Score: %0.43
    • Published: Sep. 05, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-0534

    A vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place in gif_get_code() and occurs when opening a malicious GIF file, which can result in a crash (segmentation fault).... Read more

    Affected Products : debian_linux htmldoc
    • EPSS Score: %0.14
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-1274

    An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'.... Read more

    • EPSS Score: %0.59
    • Published: Sep. 11, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-1685

    The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2.2.x before 2.2.2rc1 allows remote "Zabbix Admin" users to modify the media of arbitrary users via unspecified vectors.... Read more

    Affected Products : fedora zabbix
    • EPSS Score: %0.39
    • Published: May. 08, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2018-20535

    There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during a line-number increment attempt.... Read more

    Affected Products : netwide_assembler nasm
    • EPSS Score: %0.13
    • Published: Dec. 28, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-10713

    An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.... Read more

    Affected Products : patch
    • EPSS Score: %0.48
    • Published: Feb. 13, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291385 Results