Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2015-8719

    The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted ... Read more

    Affected Products : wireshark
    • Published: Jan. 04, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2024-35997

    In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up The flag I2C_HID_READ_PENDING is used to serialize I2C operations. However, this is not necessary, because I2C core alr... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2024
    • Modified: Jan. 16, 2025

  • 5.5

    MEDIUM
    CVE-2021-0653

    In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User ... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-8745

    QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU... Read more

    Affected Products : debian_linux qemu
    • Published: Dec. 29, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2017-18043

    Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash).... Read more

    Affected Products : ubuntu_linux debian_linux qemu
    • Published: Jan. 31, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-8683

    The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image.... Read more

    Affected Products : debian_linux libtiff
    • Published: Apr. 13, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2024-35978

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state before assigning reference to a new one.... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-8734

    The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP dissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.... Read more

    Affected Products : wireshark
    • Published: Jan. 04, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2017-17815

    In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts.... Read more

    Affected Products : ubuntu_linux netwide_assembler nasm
    • Published: Dec. 21, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-17811

    In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in paste_tokens in asm/preproc.c, a similar issue to CVE-2017-11111.... Read more

    Affected Products : ubuntu_linux netwide_assembler nasm
    • Published: Dec. 21, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-35969

    In the Linux kernel, the following vulnerability has been resolved: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr Although ipv6_get_ifaddr walks inet6_addr_lst under the RCU lock, it still means hlist_for_each_entry_rcu can return a... Read more

    Affected Products : linux_kernel debian_linux
    • Published: May. 20, 2024
    • Modified: Apr. 04, 2025

  • 5.5

    MEDIUM
    CVE-2015-8665

    tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF image.... Read more

    Affected Products : libtiff
    • Published: Apr. 13, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-8711

    epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) v... Read more

    Affected Products : wireshark
    • Published: Jan. 04, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2021-0642

    In onResume of VoicemailSettingsFragment.java, there is a possible way to retrieve a trackable identifier without permissions due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed... Read more

    Affected Products : android
    • Published: Aug. 17, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-35946

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan During cancel scan we might use vif that weren't scanning. Fix this by using the actual scanning vif.... Read more

    Affected Products : linux_kernel
    • Published: May. 19, 2024
    • Modified: Jan. 31, 2025

  • 5.5

    MEDIUM
    CVE-2015-8726

    wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds r... Read more

    Affected Products : wireshark
    • Published: Jan. 04, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2021-0623

    In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; I... Read more

    Affected Products : android mt6779 mt6785 mt6833 mt6853 mt6853t mt6873 mt6877 mt6885 mt6889 +68 more products
    • Published: Nov. 18, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-0621

    In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; I... Read more

    Affected Products : android mt6779 mt6785 mt6833 mt6853 mt6853t mt6873 mt6877 mt6885 mt6889 +66 more products
    • Published: Nov. 18, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-0614

    In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05495... Read more

    Affected Products : android
    • Published: Oct. 25, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-14859

    An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.... Read more

    Affected Products : ubuntu_linux debian_linux exiv2
    • Published: Sep. 29, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293259 Results