Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-18216

    In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Mar. 05, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-4224

    An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is ... Read more

    • EPSS Score: %0.04
    • Published: Jun. 08, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-2390

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves symlink mishandling in the "libarchive" component. It allows... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • EPSS Score: %0.09
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2018-5711

    gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a... Read more

    Affected Products : ubuntu_linux debian_linux php
    • EPSS Score: %6.06
    • Published: Jan. 16, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-5730

    MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which ... Read more

    • EPSS Score: %1.11
    • Published: Mar. 06, 2018
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2017-2599

    Jenkins before versions 2.44 and 2.32.2 is vulnerable to an insufficient permission check. This allows users with permissions to create new items (e.g. jobs) to overwrite existing items they don't have access to (SECURITY-321).... Read more

    Affected Products : jenkins
    • EPSS Score: %0.06
    • Published: Apr. 11, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-6191

    The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation.... Read more

    Affected Products : mujs
    • EPSS Score: %3.21
    • Published: Jan. 24, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-8101

    The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.... Read more

    Affected Products : xpdf
    • EPSS Score: %0.15
    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-8445

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, ... Read more

    Affected Products : windows_10 windows_server
    • EPSS Score: %4.08
    • Published: Sep. 13, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-8486

    An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,... Read more

    • EPSS Score: %1.05
    • Published: Oct. 10, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-5979

    The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.... Read more

    Affected Products : zziplib zziplib
    • EPSS Score: %0.43
    • Published: Mar. 01, 2017
    • Modified: Jul. 10, 2025

  • 5.5

    MEDIUM
    CVE-2019-0628

    An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.... Read more

    • EPSS Score: %0.55
    • Published: Mar. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-0814

    An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0848.... Read more

    • EPSS Score: %0.98
    • Published: Apr. 09, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-8419

    An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server... Read more

    • EPSS Score: %1.18
    • Published: Sep. 13, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-7275

    The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fi... Read more

    Affected Products : imagemagick
    • EPSS Score: %0.19
    • Published: Mar. 27, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2019-1010204

    GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. ... Read more

    • EPSS Score: %0.14
    • Published: Jul. 23, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-12495

    The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.... Read more

    Affected Products : debian_linux discount
    • EPSS Score: %0.52
    • Published: Jun. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2009-1021

    Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : database_server
    • EPSS Score: %0.41
    • Published: Jul. 14, 2009
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2016-2271

    VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP.... Read more

    Affected Products : xen
    • EPSS Score: %0.07
    • Published: Feb. 19, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2017-8846

    The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive.... Read more

    Affected Products : debian_linux long_range_zip lrzip
    • EPSS Score: %0.52
    • Published: May. 08, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291558 Results