Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-17817

    In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack.... Read more

    Affected Products : ubuntu_linux netwide_assembler nasm
    • EPSS Score: %0.18
    • Published: Dec. 21, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-34647

    Incorrect use of privileged API in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to knox without proper license.... Read more

    Affected Products : android android
    • Published: Sep. 04, 2024
    • Modified: Sep. 05, 2024

  • 5.5

    MEDIUM
    CVE-2019-14275

    Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.... Read more

    Affected Products : debian_linux leap fig2dev
    • EPSS Score: %0.12
    • Published: Jul. 26, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-34672

    Improper input validation in SamsungVideoPlayer prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows local attackers to access video file of other users.... Read more

    Affected Products :
    • Published: Oct. 08, 2024
    • Modified: Oct. 10, 2024

  • 5.5

    MEDIUM
    CVE-2024-34636

    Use of implicit intent for sensitive communication in Samsung Email prior to version 6.1.94.2 allows local attackers to get sensitive information.... Read more

    Affected Products : email
    • Published: Aug. 07, 2024
    • Modified: Aug. 29, 2024

  • 5.5

    MEDIUM
    CVE-2018-10316

    Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno integer overflow.... Read more

    Affected Products : netwide_assembler nasm
    • EPSS Score: %0.16
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-34648

    Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1 allows local attackers to access sensitive data.... Read more

    Affected Products : android android
    • Published: Sep. 04, 2024
    • Modified: Sep. 05, 2024

  • 5.5

    MEDIUM
    CVE-2024-34630

    Out-of-bounds read in applying own binary with textbox in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.... Read more

    Affected Products : notes
    • Published: Aug. 07, 2024
    • Modified: Aug. 09, 2024

  • 5.5

    MEDIUM
    CVE-2024-34663

    Integer overflow in libSEF.quram.so prior to SMR Oct-2024 Release 1 allows local attackers to write out-of-bounds memory.... Read more

    Affected Products : android
    • Published: Oct. 08, 2024
    • Modified: Jul. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-34610

    Improper access control in ExtControlDeviceService prior to SMR Aug-2024 Release 1 allows local attackers to access protected data.... Read more

    Affected Products : android android dex
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-34613

    Improper access control in Galaxy Watch prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive information of Galaxy watch.... Read more

    Affected Products : android dex wear_os
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-34602

    Use of implicit intent for sensitive communication in Samsung Messages prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.... Read more

    Affected Products : android android dex
    • Published: Jul. 08, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-34680

    Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information.... Read more

    Affected Products : android android
    • Published: Nov. 06, 2024
    • Modified: Nov. 12, 2024

  • 5.5

    MEDIUM
    CVE-2018-1118

    Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memor... Read more

    • EPSS Score: %0.11
    • Published: May. 10, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-10881

    A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.... Read more

    • EPSS Score: %0.07
    • Published: Jul. 26, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-34603

    Improper access control in Samsung Message prior to SMR Jul-2024 Release 1 allows local attackers to access location data.... Read more

    Affected Products : android android dex
    • Published: Jul. 08, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-15721

    An issue was discovered in GitLab Community and Enterprise Edition 10.8 through 12.2.1. An internal endpoint unintentionally allowed group maintainers to view and edit group runner settings.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.12
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-11797

    In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.... Read more

    • EPSS Score: %1.12
    • Published: Oct. 05, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-34626

    Out-of-bounds read in applying own binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.... Read more

    Affected Products : notes
    • Published: Aug. 07, 2024
    • Modified: Aug. 09, 2024

  • 5.5

    MEDIUM
    CVE-2018-1999045

    A improper authentication vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in SecurityRealm.java, TokenBasedRememberMeServices2.java that allows attackers with a valid cookie to remain logged in even if that feature is disabled.... Read more

    Affected Products : jenkins
    • EPSS Score: %0.04
    • Published: Aug. 23, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 292495 Results