Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2014-1859

    (1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.... Read more

    Affected Products : enterprise_linux fedora numpy
    • EPSS Score: %0.07
    • Published: Jan. 08, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-18690

    In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_short... Read more

    Affected Products : linux_kernel ubuntu_linux debian_linux
    • EPSS Score: %0.08
    • Published: Oct. 26, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-11864

    libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 2 of 2).... Read more

    Affected Products : fedora leap libemf
    • EPSS Score: %0.46
    • Published: May. 11, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-43750

    Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Explo... Read more

    Affected Products : windows premiere_rush
    • EPSS Score: %0.66
    • Published: Dec. 20, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-30671

    Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Ex... Read more

    Affected Products : macos windows indesign
    • EPSS Score: %0.03
    • Published: Sep. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-45095

    pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.02
    • Published: Dec. 16, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-45402

    The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer le... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.12
    • Published: Feb. 11, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46908

    In the Linux kernel, the following vulnerability has been resolved: bpf: Use correct permission flag for mixed signed bounds arithmetic We forbid adding unknown scalars with mixed signed bounds due to the spectre v1 masking mitigation. Hence this also n... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40741

    Adobe Audition version 14.4 (and earlier) is affected by an Access of Memory Location After End of Buffer vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-o... Read more

    Affected Products : macos windows audition
    • EPSS Score: %0.41
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-24442

    Jenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users wi... Read more

    • EPSS Score: %0.03
    • Published: Jan. 26, 2023
    • Modified: Apr. 02, 2025

  • 5.5

    MEDIUM
    CVE-2017-6348

    The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.09
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-39320

    FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP may attempt integer addition on too narrow types leads to allocation of a buffer too small holding the data written. A malicious server can trick a FreeRDP based c... Read more

    Affected Products : fedora freerdp
    • EPSS Score: %0.04
    • Published: Nov. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-21529

    fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.... Read more

    Affected Products : debian_linux fig2dev
    • EPSS Score: %0.18
    • Published: Sep. 16, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-1898

    FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of ... Read more

    Affected Products : ubuntu_linux leap ffmpeg
    • EPSS Score: %33.18
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2020-21678

    A global buffer overflow in the genmp_writefontmacro_latex component in genmp.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into mp format.... Read more

    Affected Products : fig2dev
    • EPSS Score: %0.14
    • Published: Aug. 10, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-21682

    A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.... Read more

    Affected Products : fig2dev
    • EPSS Score: %0.11
    • Published: Aug. 10, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-0242

    An information disclosure vulnerability exists in the way some ActiveX objects are instantiated, aka "Microsoft ActiveX Information Disclosure Vulnerability."... Read more

    Affected Products : windows_7 windows_server_2008
    • EPSS Score: %7.63
    • Published: May. 12, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-28298

    Windows Kernel Denial of Service Vulnerability... Read more

    • EPSS Score: %0.12
    • Published: Apr. 11, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-38791

    In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.... Read more

    Affected Products : fedora mariadb
    • EPSS Score: %0.02
    • Published: Aug. 27, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-46351

    A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA... Read more

    • EPSS Score: %0.08
    • Published: Dec. 13, 2022
    • Modified: Apr. 22, 2025
Showing 20 of 291305 Results