Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-13755

    In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls.... Read more

    Affected Products : debian_linux the_sleuth_kit
    • EPSS Score: %0.28
    • Published: Aug. 29, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-0584

    In verifyBufferObject of Parcel.cpp, there is a possible out of bounds read due to an improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio... Read more

    Affected Products : android
    • EPSS Score: %0.03
    • Published: Aug. 17, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-35922

    In the Linux kernel, the following vulnerability has been resolved: fbmon: prevent division by zero in fb_videomode_from_videomode() The expression htotal * vtotal can have a zero value on overflow. It is necessary to prevent division by zero like in fb... Read more

    Affected Products : linux_kernel debian_linux
    • Published: May. 19, 2024
    • Modified: Dec. 30, 2024

  • 5.5

    MEDIUM
    CVE-2015-8485

    Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary posting titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8486, and CVE-2016-1152.... Read more

    Affected Products : office
    • EPSS Score: %0.24
    • Published: Feb. 17, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2017-12167

    It was found in EAP 7 before 7.0.9 that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the ... Read more

    • EPSS Score: %0.05
    • Published: Jul. 26, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-0561

    In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not neede... Read more

    Affected Products : android fedora debian_linux
    • EPSS Score: %0.02
    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-35933

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fix null ptr deref in btintel_read_version If hci_cmd_sync_complete() is triggered and skb is NULL, then hdev->req_skb is NULL, which will cause this issue.... Read more

    Affected Products : linux_kernel debian_linux
    • Published: May. 19, 2024
    • Modified: Dec. 30, 2024

  • 5.5

    MEDIUM
    CVE-2021-0542

    In updateNotification of BeamTransferManager.java, there is a missing permission check. This could lead to local information disclosure of paired Bluetooth addresses with no additional execution privileges needed. User interaction is needed for exploitati... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-11829

    Microsoft Windows 10 allows an elevation of privilege vulnerability when the Windows Update Delivery Optimization does not properly enforce file share permissions.... Read more

    Affected Products : windows_10 windows_server_2016
    • EPSS Score: %2.28
    • Published: Oct. 13, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-0563

    In ih264e_fmt_conv_422i_to_420sp of ih264e_fmt_conv.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-11625

    A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."... Read more

    Affected Products : qpdf
    • EPSS Score: %0.31
    • Published: Jul. 25, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-0524

    In isServiceDistractionOptimized of CarPackageManagerService.java, there is a possible disclosure of installed packages due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges nee... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Feb. 11, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-1000252

    The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Sep. 26, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2015-8276

    LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to read arbitrary files via crafted EDOC files.... Read more

    Affected Products : edoc-libraries eparakstitajs_3
    • EPSS Score: %0.22
    • Published: Apr. 10, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-0484

    In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploi... Read more

    Affected Products : android
    • EPSS Score: %0.03
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-9685

    Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Dec. 28, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2021-0480

    In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a sensitive identifier. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitatio... Read more

    Affected Products : android
    • EPSS Score: %0.07
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-9395

    The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.... Read more

    Affected Products : jasper
    • EPSS Score: %0.40
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-0422

    In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499... Read more

    Affected Products : android mt6779 mt6785 mt6833 mt6853 mt6853t mt6873 mt6875 mt6877 mt6883 +44 more products
    • EPSS Score: %0.01
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-0417

    In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Aug. 18, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292316 Results