Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2021-37687

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's [`GatherNd` implementation](https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather_nd.cc#L1... Read more

    Affected Products : tensorflow
    • EPSS Score: %0.04
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-37990

    Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app.... Read more

    Affected Products : debian_linux chrome edge_chromium
    • EPSS Score: %0.34
    • Published: Nov. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-32434

    abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c.... Read more

    Affected Products : fedora debian_linux abcm2ps
    • EPSS Score: %0.09
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-47622

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: Fix a deadlock in the error handler The following deadlock has been observed on a test setup: - All tags allocated - The SCSI error handler calls ufshcd_eh_host_reset_han... Read more

    Affected Products : linux_kernel
    • Published: Jul. 16, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-38206

    The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Aug. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-39116

    Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the GIF Image Reader component. The affected versions are before version 8.13.14, and... Read more

    Affected Products : jira_server jira_data_center
    • EPSS Score: %0.54
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-26336

    A shortcoming in the HMEF package of poi-scratchpad (Apache POI) allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files (Microsoft Outlook and Microsoft Exchange Server). If an application uses poi-scratchpad to pa... Read more

    Affected Products : active_iq_unified_manager poi
    • EPSS Score: %0.04
    • Published: Mar. 04, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40475

    Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.45
    • Published: Oct. 13, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-5503

    The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via a crafted image.... Read more

    Affected Products : jasper
    • EPSS Score: %0.44
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-40778

    Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the contex... Read more

    Affected Products : macos media_encoder windows
    • EPSS Score: %0.41
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-5750

    The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.... Read more

    • EPSS Score: %0.04
    • Published: Jan. 26, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-16889

    <p>An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exp... Read more

    • EPSS Score: %1.04
    • Published: Oct. 16, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-36410

    A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function put_epel_hv_fallback when running program dec265.... Read more

    Affected Products : debian_linux libde265
    • EPSS Score: %0.08
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-30666

    Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASL... Read more

    Affected Products : macos windows illustrator
    • EPSS Score: %2.04
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-18849

    In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.... Read more

    Affected Products : ubuntu_linux fedora leap qemu
    • EPSS Score: %0.08
    • Published: Mar. 21, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-45263

    An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_delete_attribute_value function, which causes a segmentation fault and application crash.... Read more

    Affected Products : gpac
    • EPSS Score: %0.08
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-1951

    A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23.... Read more

    • EPSS Score: %0.34
    • Published: Mar. 23, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46239

    The binary MP4Box in GPAC v1.1.0 was discovered to contain an invalid free vulnerability via the function gf_free () at utils/alloc.c. This vulnerability can lead to a Denial of Service (DoS).... Read more

    Affected Products : gpac
    • EPSS Score: %0.14
    • Published: Jan. 21, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-47050

    In the Linux kernel, the following vulnerability has been resolved: memory: renesas-rpc-if: fix possible NULL pointer dereference of resource The platform_get_resource_byname() can return NULL which would be immediately dereferenced by resource_size(). ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 28, 2024
    • Modified: Dec. 09, 2024

  • 5.5

    MEDIUM
    CVE-2021-47119

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_fill_super Buffer head references must be released before calling kill_bdev(); otherwise the buffer head (and its page referenced by b_data) will not be fr... Read more

    Affected Products : linux_kernel
    • Published: Mar. 15, 2024
    • Modified: Jan. 07, 2025
Showing 20 of 291890 Results