Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2015-1606

    The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file.... Read more

    Affected Products : debian_linux gnupg
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-47559

    In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() Coverity reports a possible NULL dereferencing problem: in smc_vlan_by_tcpsk(): 6. returned_null: netdev_lower_get_next r... Read more

    Affected Products : linux_kernel
    • Published: May. 24, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-9832

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to determine kernel memory layout.... Read more

    Affected Products : macos mac_os_x
    • Published: Jun. 09, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-1525

    audio/AudioPolicyManagerBase.cpp in Android before 5.1 allows attackers to cause a denial of service (audio_policy application outage) via a crafted application that provides a NULL device address.... Read more

    Affected Products : android
    • Published: Jan. 24, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-47578

    In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Don't call kcalloc() if size arg is zero If the size arg to kcalloc() is zero, it returns ZERO_SIZE_PTR. Because of that, for a following NULL pointer check to work o... Read more

    Affected Products : linux_kernel
    • Published: Jun. 19, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-15946

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    • Published: Oct. 12, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-1573

    The nft_flush_table function in net/netfilter/nf_tables_api.c in the Linux kernel before 3.18.5 mishandles the interaction between cross-chain jumps and ruleset flushes, which allows local users to cause a denial of service (panic) by leveraging the CAP_N... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-1490

    Directory traversal vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via a relative pathname in a client installation package.... Read more

    Affected Products : endpoint_protection_manager
    • Published: Aug. 01, 2015
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2014-0142

    QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in bl... Read more

    Affected Products : qemu
    • Published: Aug. 10, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-10349

    The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.... Read more

    Affected Products : libarchive
    • Published: May. 01, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2020-17045

    Windows KernelStream Information Disclosure Vulnerability... Read more

    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-31174

    Microsoft Excel Information Disclosure Vulnerability... Read more

    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-21440

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol... Read more

    • Published: Apr. 19, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-3447

    A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were n... Read more

    Affected Products : fedora ansible_tower ansible
    • Published: Apr. 01, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34485

    .NET Core and Visual Studio Information Disclosure Vulnerability... Read more

    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-35889

    In the Linux kernel, the following vulnerability has been resolved: idpf: fix kernel panic on unknown packet types In the very rare case where a packet type is unknown to the driver, idpf_rx_process_skb_fields would return early without calling eth_type... Read more

    Affected Products : linux_kernel
    • Published: May. 19, 2024
    • Modified: Dec. 31, 2024

  • 5.5

    MEDIUM
    CVE-2017-5024

    FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.... Read more

    Affected Products : chrome
    • Published: Feb. 17, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-22710

    Windows Common Log File System Driver Denial of Service Vulnerability... Read more

    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-32912

    there is a possible persistent Denial of Service due to test/debugging code left in a production build. This could lead to local denial of service of impaired use of the device with no additional execution privileges needed. User interaction is not needed... Read more

    Affected Products : android
    • Published: Jun. 13, 2024
    • Modified: Mar. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-23191

    Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASL... Read more

    Affected Products : macos windows illustrator
    • Published: Feb. 16, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 292811 Results