Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2015-0476

    Unspecified vulnerability in the SQL Trace Analyzer component in Oracle Support Tools before 12.1.11 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : sql_trace_analyzer
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2023-38160

    Windows TCP/IP Information Disclosure Vulnerability... Read more

    • Published: Sep. 12, 2023
    • Modified: Apr. 08, 2025

  • 5.5

    MEDIUM
    CVE-2023-1074

    A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causin... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2023
    • Modified: Mar. 19, 2025

  • 5.5

    MEDIUM
    CVE-2023-4211

    A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. ... Read more

    • Actively Exploited
    • Published: Oct. 01, 2023
    • Modified: Feb. 04, 2025

  • 5.5

    MEDIUM
    CVE-2023-42754

    A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may ... Read more

    Affected Products : linux_kernel enterprise_linux fedora
    • Published: Oct. 05, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-42894

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access information about a user's contacts.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-3610

    The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS cras... Read more

    • Published: Nov. 10, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2023-4508

    A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash and cause denial-of-service with a specially crafted Gerber RS-274X file.... Read more

    Affected Products : gerbv
    • Published: Aug. 24, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-0909

    Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.... Read more

    • Published: Mar. 11, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-22398

    An Access of Uninitialized Pointer vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). When an MPLS ping is pe... Read more

    Affected Products : junos junos_os_evolved
    • Published: Jan. 13, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-26404

    Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue ... Read more

    Affected Products : macos windows dimension
    • Published: Apr. 12, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-4209

    IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to create arbitrary files on the system. IBM ... Read more

    Affected Products : linux_kernel spectrum_protect_plus
    • Published: May. 04, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52911

    In the Linux kernel, the following vulnerability has been resolved: drm/msm: another fix for the headless Adreno GPU Fix another oops reproducible when rebooting the board with the Adreno GPU working in the headless mode (e.g. iMX platforms). Unable to... Read more

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Sep. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-31584

    Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbuffer_loader.cpp.... Read more

    Affected Products : pytorch pytorch_lightning
    • Published: Apr. 19, 2024
    • Modified: Jun. 03, 2025

  • 5.5

    MEDIUM
    CVE-2014-9947

    In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure vulnerability could potentially exist.... Read more

    Affected Products : android
    • Published: Jun. 06, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-37021

    In the Linux kernel, the following vulnerability has been resolved: fpga: manager: add owner module and take its refcount The current implementation of the fpga manager assumes that the low-level module registers a driver for the parent device and uses ... Read more

    Affected Products : linux_kernel
    • Published: Jun. 24, 2024
    • Modified: Feb. 03, 2025

  • 5.5

    MEDIUM
    CVE-2024-38548

    In the Linux kernel, the following vulnerability has been resolved: drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference In cdns_mhdp_atomic_enable(), the return value of drm_mode_duplicate() is assigned to mhdp_state->current_mode, and the... Read more

    Affected Products : linux_kernel
    • Published: Jun. 19, 2024
    • Modified: Apr. 01, 2025

  • 5.5

    MEDIUM
    CVE-2020-16854

    <p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit t... Read more

    • Published: Sep. 11, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-9896

    drivers/char/adsprpc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate parameters and return values, which allows attackers to obtain sensitive information via a crafted application, aka A... Read more

    Affected Products : android
    • Published: Aug. 06, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2014-9903

    The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memory via a crafted sched_getattr system call.... Read more

    Affected Products : linux_kernel
    • Published: Jun. 27, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292827 Results