Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2015-8932

    The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.... Read more

    • EPSS Score: %0.63
    • Published: Sep. 20, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-8934

    The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.... Read more

    • EPSS Score: %2.41
    • Published: Sep. 20, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-8944

    The ioresources_init function in kernel/resource.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices, uses weak permissions for /proc/iomem, which allows local users to obtain sensitive information by re... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %0.06
    • Published: Aug. 06, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2023-49554

    Use After Free vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the do_directive function in the modules/preprocs/nasm/nasm-pp.c component.... Read more

    Affected Products : yasm
    • EPSS Score: %0.43
    • Published: Jan. 03, 2024
    • Modified: Jun. 18, 2025

  • 5.5

    MEDIUM
    CVE-2023-1249

    A use-after-free flaw was found in the Linux kernel’s core dump subsystem. This flaw allows a local user to crash the system. Only if patch 390031c94211 ("coredump: Use the vma snapshot in fill_files_note") not applied yet, then kernel could be affected.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.04
    • Published: Mar. 23, 2023
    • Modified: Mar. 19, 2025

  • 5.5

    MEDIUM
    CVE-2020-16304

    A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51.... Read more

    Affected Products : ubuntu_linux debian_linux ghostscript
    • EPSS Score: %0.63
    • Published: Aug. 13, 2020
    • Modified: Mar. 14, 2025

  • 5.5

    MEDIUM
    CVE-2020-9391

    An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move ... Read more

    • EPSS Score: %0.16
    • Published: Feb. 25, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-1263

    A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.05
    • Published: Aug. 31, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-23159

    A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash.... Read more

    Affected Products : sound_exchange sox
    • EPSS Score: %0.03
    • Published: Aug. 25, 2022
    • Modified: Jun. 27, 2025

  • 5.5

    MEDIUM
    CVE-2010-5328

    include/linux/init_task.h in the Linux kernel before 2.6.35 does not prevent signals with a process group ID of zero from reaching the swapper process, which allows local users to cause a denial of service (system crash) by leveraging access to this proce... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Feb. 06, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-2626

    It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list.... Read more

    • EPSS Score: %0.03
    • Published: Jul. 27, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-39401

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes... Read more

    Affected Products : solaris solaris
    • EPSS Score: %0.08
    • Published: Oct. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-20170

    An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is an invalid pointer dereference in the function GF_IPMPX_AUTH_Delete() in odf/ipmpx_code.c.... Read more

    Affected Products : gpac debian_linux
    • EPSS Score: %0.49
    • Published: Dec. 31, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-0665

    Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security: Encryption.... Read more

    Affected Products : ubuntu_linux enterprise_linux mysql
    • EPSS Score: %0.17
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2018-18458

    The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.... Read more

    Affected Products : xpdf
    • EPSS Score: %0.22
    • Published: Oct. 18, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2005-1916

    linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : debian_linux ekg
    • EPSS Score: %0.04
    • Published: Jul. 06, 2005
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2011-2898

    net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information vi... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: May. 24, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2016-10069

    coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames.... Read more

    Affected Products : imagemagick leap
    • EPSS Score: %0.57
    • Published: Mar. 02, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-10266

    LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22.... Read more

    Affected Products : libtiff
    • EPSS Score: %0.55
    • Published: Mar. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-4680

    An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows attackers to obtain sensitive information from kernel memo... Read more

    Affected Products : iphone_os tvos watchos
    • EPSS Score: %0.25
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291608 Results