Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2014-8355

    PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).... Read more

    Affected Products : imagemagick
    • EPSS Score: %0.49
    • Published: Apr. 11, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2019-1010305

    libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmspack(file libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially crafted chm file... Read more

    • EPSS Score: %0.46
    • Published: Jul. 15, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-21533

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: SMB Server). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris exec... Read more

    Affected Products : solaris solaris
    • EPSS Score: %0.05
    • Published: Jul. 19, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-42245

    In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task" This reverts commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. b0defa7ae03ec changed the load balancing logic t... Read more

    Affected Products : linux_kernel
    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-42298

    In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check th... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Sep. 10, 2024

  • 5.5

    MEDIUM
    CVE-2025-21274

    Windows Event Tracing Denial of Service Vulnerability... Read more

    • Published: Jan. 14, 2025
    • Modified: Jan. 27, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2024-43846

    In the Linux kernel, the following vulnerability has been resolved: lib: objagg: Fix general protection fault The library supports aggregation of objects into other objects only if the parent object does not have a parent itself. That is, nesting is not... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Oct. 25, 2024

  • 5.5

    MEDIUM
    CVE-2025-21497

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network ... Read more

    Affected Products : mysql_server
    • Published: Jan. 21, 2025
    • Modified: Apr. 09, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2019-9073

    An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.... Read more

    • EPSS Score: %0.28
    • Published: Feb. 24, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-2496

    A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This fl... Read more

    Affected Products : enterprise_linux debian_linux libvirt
    • Published: Mar. 18, 2024
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2023-39742

    giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c.... Read more

    Affected Products : giflib
    • EPSS Score: %0.02
    • Published: Aug. 25, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52860

    In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process When tearing down a 'hisi_hns3' PMU, we mistakenly run the CPU hotplug callbacks after the... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Feb. 03, 2025

  • 5.5

    MEDIUM
    CVE-2024-26629

    In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASE_LOCKOWNER The test on so_count in nfsd4_release_lockowner() is nonsense and harmful. Revert to using check_for_locks(), changing that to not sleep. First: harmful. A... Read more

    Affected Products : linux_kernel
    • Published: Mar. 13, 2024
    • Modified: Feb. 27, 2025

  • 5.5

    MEDIUM
    CVE-2024-27037

    In the Linux kernel, the following vulnerability has been resolved: clk: zynq: Prevent null pointer dereference caused by kmalloc failure The kmalloc() in zynq_clk_setup() will return null if the physical memory has run out. As a result, if we use snpri... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Apr. 08, 2025

  • 5.5

    MEDIUM
    CVE-2024-45006

    In the Linux kernel, the following vulnerability has been resolved: xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration re-enumerating full-speed devices after a failed address device command can trigger a NULL pointer dereference. ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Sep. 06, 2024

  • 5.5

    MEDIUM
    CVE-2024-47684

    In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Nov. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-47706

    In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1) initial state, three tasks: Process 1 Process 2 Process 3 (BIC1) (BIC2) (BIC3) | Λ ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Nov. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-47667

    In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) Errata #i2037 in AM65x/DRA80xM Processors Silicon Revision 1.0 (SPRZ452D_July 2018_Revised December 2019 [1]) mentions whe... Read more

    Affected Products : linux_kernel
    • Published: Oct. 09, 2024
    • Modified: Oct. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-56780

    In the Linux kernel, the following vulnerability has been resolved: quota: flush quota_release_work upon quota writeback One of the paths quota writeback is called from is: freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dqu... Read more

    Affected Products : linux_kernel
    • Published: Jan. 08, 2025
    • Modified: Jan. 09, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2025-21845

    In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: sst: Fix SST write failure 'commit 18bcb4aa54ea ("mtd: spi-nor: sst: Factor out common write operation to `sst_nor_write_data()`")' introduced a bug where only one byte of... Read more

    Affected Products : linux_kernel
    • Published: Mar. 12, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Denial of Service
Showing 20 of 291647 Results