Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-14140

    The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.07
    • Published: Sep. 05, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-8882

    The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.... Read more

    Affected Products : jasper
    • EPSS Score: %0.25
    • Published: Jan. 13, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2015-1607

    kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related t... Read more

    Affected Products : ubuntu_linux gnupg
    • EPSS Score: %0.63
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-11759

    An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.... Read more

    • EPSS Score: %0.72
    • Published: Apr. 14, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-21687

    HTTP.sys Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.44
    • Published: Feb. 14, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-1870

    The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-readable permission on a copy of sosreport file in problem directories, which allows local users to obtain sensitive information from /var/log/messages via unspecified vectors.... Read more

    Affected Products : automatic_bug_reporting_tool
    • EPSS Score: %0.11
    • Published: Jun. 26, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-3598

    There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to... Read more

    Affected Products : enterprise_linux debian_linux openexr
    • EPSS Score: %0.03
    • Published: Jul. 06, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-57953

    In the Linux kernel, the following vulnerability has been resolved: rtc: tps6594: Fix integer overflow on 32bit systems The problem is this multiply in tps6594_rtc_set_offset() tmp = offset * TICKS_PER_HOUR; The "tmp" variable is an s64 but "offset" ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2024-46863

    In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item There is no links_num in struct snd_soc_acpi_mach {}, and we test !link->num_adr as a condition to end the loop in hda_sdw_... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Oct. 03, 2024

  • 5.5

    MEDIUM
    CVE-2014-9845

    The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.... Read more

    • EPSS Score: %0.42
    • Published: Mar. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2018-20073

    Use of extended attributes in downloads in Google Chrome prior to 72.0.3626.81 allowed a local attacker to read download URLs via the filesystem.... Read more

    Affected Products : chrome
    • EPSS Score: %0.03
    • Published: Jun. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-32360

    An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents.... Read more

    Affected Products : macos
    • EPSS Score: %0.04
    • Published: Jun. 23, 2023
    • Modified: Dec. 05, 2024

  • 5.5

    MEDIUM
    CVE-2021-3620

    A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.... Read more

    • EPSS Score: %0.23
    • Published: Mar. 03, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-1389

    An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1419, CVE-2020-1426.... Read more

    • EPSS Score: %0.67
    • Published: Jul. 14, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-56710

    In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_direct_read_write() The bvecs array which is allocated in iter_get_bvecs_alloc() is leaked and pages remain pinned if ceph_alloc_sparse_ext_map() fails. T... Read more

    Affected Products : linux_kernel
    • Published: Dec. 29, 2024
    • Modified: Apr. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-56750

    In the Linux kernel, the following vulnerability has been resolved: erofs: fix blksize < PAGE_SIZE for file-backed mounts Adjust sb->s_blocksize{,_bits} directly for file-backed mounts when the fs block size is smaller than PAGE_SIZE. Previously, EROFS... Read more

    Affected Products : linux_kernel
    • Published: Dec. 29, 2024
    • Modified: Jan. 06, 2025

  • 5.5

    MEDIUM
    CVE-2024-56712

    In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix memory leak on last export_udmabuf() error path In export_udmabuf(), if dma_buf_fd() fails because the FD table is full, a dma_buf owning the udmabuf has already been creat... Read more

    Affected Products : linux_kernel
    • Published: Dec. 29, 2024
    • Modified: Apr. 17, 2025

  • 5.5

    MEDIUM
    CVE-2021-36374

    When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commo... Read more

    • EPSS Score: %0.17
    • Published: Jul. 14, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-42854

    The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1. An app may be able to disclose kernel memory.... Read more

    Affected Products : macos
    • EPSS Score: %0.07
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2024-26684

    In the Linux kernel, the following vulnerability has been resolved: net: stmmac: xgmac: fix handling of DPP safety error for DMA channels Commit 56e58d6c8a56 ("net: stmmac: Implement Safety Features in XGMAC core") checks and reports safety errors, but ... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 02, 2024
    • Modified: Mar. 17, 2025
Showing 20 of 291360 Results