Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-42322

    Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a remov... Read more

    Affected Products : fedora debian_linux xen
    • Published: Nov. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-3248

    In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow. ... Read more

    Affected Products : xpdf
    • Published: Apr. 02, 2024
    • Modified: Jan. 29, 2025

  • 5.5

    MEDIUM
    CVE-2016-2036

    The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to trigger a NULL pointer dereference via a ... Read more

    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-2016

    Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:class: entries, def... Read more

    • Published: May. 14, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-1865

    The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2022-35016

    Advancecomp v2.3 was discovered to contain a heap buffer overflow.... Read more

    Affected Products : fedora advancecomp
    • Published: Aug. 29, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-1898

    FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of ... Read more

    Affected Products : ubuntu_linux leap ffmpeg
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-1837

    Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote att... Read more

    • Published: May. 20, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-1814

    IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.... Read more

    Affected Products : mac_os_x iphone_os tvos
    • Published: May. 20, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-1833

    The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML... Read more

    • Published: May. 20, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2022-3266

    An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Dec. 22, 2022
    • Modified: Apr. 15, 2025

  • 5.5

    MEDIUM
    CVE-2016-1839

    The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XM... Read more

    • Published: May. 20, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-1745

    IOFireWireFamily in Apple OS X before 10.11.4 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Mar. 24, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-1732

    AppleRAID in Apple OS X before 10.11.4 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Mar. 24, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2024-3108

    An implicit intent vulnerability was reported for Motorola’s Time Weather Widget application that could allow a local application to acquire the location of the device without authorization.  ... Read more

    Affected Products :
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-44197

    The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app may be able to cause a denial-of-service.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Nov. 14, 2024

  • 5.5

    MEDIUM
    CVE-2022-30159

    Microsoft Office Information Disclosure Vulnerability... Read more

    • Published: Jun. 15, 2022
    • Modified: Jan. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-44201

    The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, macOS Ventura 13.7.2, iOS 18.1 and iPadOS 18.1, macOS Sonoma 14.7.2. Processing a malicious crafted file may lead to a denial-of-service.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Dec. 12, 2024
    • Modified: Dec. 13, 2024

  • 5.5

    MEDIUM
    CVE-2024-44198

    An integer overflow was addressed through improved input validation. This issue is fixed in visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash.... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Sep. 17, 2024
    • Modified: Mar. 25, 2025

  • 5.5

    MEDIUM
    CVE-2024-44188

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • Published: Sep. 17, 2024
    • Modified: Mar. 19, 2025
Showing 20 of 292845 Results