Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2014-3647

    arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.... Read more

    • EPSS Score: %0.03
    • Published: Nov. 10, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2020-9598

    Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an invalid memory access vulnerability. Successful exploitation could lead to information disclosure.... Read more

    • EPSS Score: %1.91
    • Published: Jun. 25, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-3521

    The component in (1) /luci/homebase and (2) /luci/cluster menu in Red Hat Conga 0.12.2 allows remote authenticated users to bypass intended access restrictions via a crafted URL.... Read more

    Affected Products : conga
    • EPSS Score: %0.15
    • Published: Oct. 06, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2000-0552

    ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information.... Read more

    Affected Products : icq
    • EPSS Score: %0.96
    • Published: Jun. 06, 2000
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2020-35549

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Any application may establish itself as the default dialer, without user interaction. The Samsung ID is SVE-2020-19172 (December 2020).... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Dec. 18, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-3536

    CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration... Read more

    Affected Products : cloudforms_management_engine
    • EPSS Score: %0.10
    • Published: Dec. 15, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35534

    In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.... Read more

    Affected Products : libraw
    • EPSS Score: %0.16
    • Published: Sep. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35530

    In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file.... Read more

    Affected Products : debian_linux libraw
    • EPSS Score: %0.02
    • Published: Sep. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35538

    A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.... Read more

    Affected Products : libjpeg-turbo
    • EPSS Score: %0.02
    • Published: Aug. 31, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35522

    In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.... Read more

    • EPSS Score: %0.06
    • Published: Mar. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35507

    There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of thi... Read more

    • EPSS Score: %0.08
    • Published: Jan. 04, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-9557

    Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : windows bridge
    • EPSS Score: %1.91
    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35532

    In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field.... Read more

    Affected Products : debian_linux libraw
    • EPSS Score: %0.02
    • Published: Sep. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-3471

    Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance crash) via hotplug and hotunplug operations of Virtio block devices.... Read more

    Affected Products : qemu
    • EPSS Score: %0.09
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35495

    There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affec... Read more

    • EPSS Score: %0.36
    • Published: Jan. 04, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-3399

    The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary RAMFS... Read more

    • EPSS Score: %0.12
    • Published: Oct. 07, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2014-3317

    Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314.... Read more

    Affected Products : unified_communications_manager
    • EPSS Score: %2.72
    • Published: Jul. 14, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2014-3292

    The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL, aka Bug IDs CSCuo17302 and CSCuo17199.... Read more

    Affected Products : unified_communications_manager
    • EPSS Score: %0.96
    • Published: Jun. 10, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2011-2498

    The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.... Read more

    Affected Products : linux_kernel ubuntu_linux
    • EPSS Score: %0.06
    • Published: Feb. 20, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2007-6716

    fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.... Read more

    • EPSS Score: %0.04
    • Published: Sep. 04, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 292325 Results