Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-35898

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() nft_unregister_flowtable_type() within nf_flow_inet_module_exit() can concurrent with __nft_flowtable_type_ge... Read more

    Affected Products : linux_kernel debian_linux
    • Published: May. 19, 2024
    • Modified: Apr. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-35888

    In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb->head syzbot reported a problem in ip6erspan_rcv() [1] Issue is that ip6erspan_rcv() (and erspan_rcv()) no longer make sure erspan_b... Read more

    Affected Products : linux_kernel debian_linux
    • Published: May. 19, 2024
    • Modified: Apr. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-32115

    A relative path traversal vulnerability [CWE-23] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 allows a privileged attacker to delete files from the underlying filesystem via crafted HTTP or HTTPs requests.... Read more

    Affected Products : fortimanager
    • Published: Jan. 14, 2025
    • Modified: Mar. 19, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2017-7067

    An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Jul. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-48877

    In the Linux kernel, the following vulnerability has been resolved: f2fs: let's avoid panic if extent_tree is not created This patch avoids the below panic. pc : __lookup_extent_tree+0xd8/0x760 lr : f2fs_do_write_data_page+0x104/0x87c sp : ffffffc010cb... Read more

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Sep. 05, 2024

  • 5.5

    MEDIUM
    CVE-2022-43039

    GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_meta_restore_items_ref at /isomedia/meta.c.... Read more

    Affected Products : gpac
    • Published: Oct. 19, 2022
    • Modified: May. 08, 2025

  • 5.5

    MEDIUM
    CVE-2020-4421

    IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4 could allow an authenticated user using openidconnect to spoof another users identify. IBM X-Force ID: 180084.... Read more

    Affected Products : websphere_application_server
    • Published: May. 06, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-36148

    fdkaac commit 53fe239 was discovered to contain a floating point exception (FPE) via wav_open at /src/wav_reader.c.... Read more

    Affected Products : fdkaac
    • Published: Aug. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-11764

    An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp.... Read more

    • Published: Apr. 14, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-46489

    GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the gf_isom_box_parse_ex function at box_funcs.c.... Read more

    Affected Products : gpac
    • Published: Jan. 05, 2023
    • Modified: Apr. 10, 2025

  • 5.5

    MEDIUM
    CVE-2022-39417

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris exec... Read more

    Affected Products : solaris solaris
    • Published: Oct. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-0476

    Unspecified vulnerability in the SQL Trace Analyzer component in Oracle Support Tools before 12.1.11 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : sql_trace_analyzer
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2023-38160

    Windows TCP/IP Information Disclosure Vulnerability... Read more

    • Published: Sep. 12, 2023
    • Modified: Apr. 08, 2025

  • 5.5

    MEDIUM
    CVE-2023-1074

    A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causin... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2023
    • Modified: Mar. 19, 2025

  • 5.5

    MEDIUM
    CVE-2023-4211

    A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. ... Read more

    • Actively Exploited
    • Published: Oct. 01, 2023
    • Modified: Feb. 04, 2025

  • 5.5

    MEDIUM
    CVE-2023-42754

    A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may ... Read more

    Affected Products : linux_kernel enterprise_linux fedora
    • Published: Oct. 05, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-42894

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access information about a user's contacts.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-3610

    The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS cras... Read more

    • Published: Nov. 10, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2023-4508

    A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash and cause denial-of-service with a specially crafted Gerber RS-274X file.... Read more

    Affected Products : gerbv
    • Published: Aug. 24, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-0909

    Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.... Read more

    • Published: Mar. 11, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 292811 Results