Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-31007

    Buffer Overflow vulnerability in IrfanView 32bit v.4.66 allows a local attacker to cause a denial of service via a crafted file. Affected component is IrfanView 32bit 4.66 with plugin formats.dll.... Read more

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 23, 2024

  • 5.5

    MEDIUM
    CVE-2014-8171

    The memory resource controller (aka memcg) in the Linux kernel allows local users to cause a denial of service (deadlock) by spawning new processes within a memory-constrained cgroup.... Read more

    • Published: Feb. 09, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-8178

    Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands.... Read more

    Affected Products : docker opensuse cs_engine
    • Published: Dec. 17, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-33455

    An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in do_directive() in modules/preprocs/nasm/nasm-pp.c.... Read more

    Affected Products : yasm
    • Published: Jul. 26, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-30917

    An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted history_depth parameter in DurabilityService QoS component.... Read more

    Affected Products : fast_dds
    • Published: Apr. 11, 2024
    • Modified: Jun. 17, 2025

  • 5.5

    MEDIUM
    CVE-2021-39851

    Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an ap... Read more

    • Published: Sep. 29, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-33451

    An issue was discovered in lrzip version 0.641. There are memory leaks in fill_buffer() in stream.c.... Read more

    Affected Products : long_range_zip
    • Published: Jul. 26, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-30898

    An access issue was addressed with additional sandbox restrictions on third party applications. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to access some of the user's Apple ID information, or recent in-app search ter... Read more

    Affected Products : iphone_os ipados
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-30801

    SQL Injection vulnerability in Cloud based customer service management platform v.1.0.0 allows a local attacker to execute arbitrary code via a crafted payload to Login.asp component.... Read more

    Affected Products :
    • Published: May. 14, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-30831

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted font may result in the disclosure of process memory.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Oct. 28, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-30819

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 15 and iPadOS 15. Processing a maliciously crafted USD file may disclose memory contents.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Oct. 19, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-30770

    A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.... Read more

    Affected Products : iphone_os tvos watchos
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-30769

    A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.... Read more

    Affected Products : iphone_os tvos watchos
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-1848

    The issue was addressed with improved UI handling. This issue is fixed in iOS 14.5 and iPadOS 14.5. A local user may be able to view sensitive information in the app switcher.... Read more

    Affected Products : iphone_os ipados
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-1831

    The issue was addressed with improved permissions logic. This issue is fixed in iOS 14.5 and iPadOS 14.5. An application may allow shortcuts to access restricted files.... Read more

    Affected Products : iphone_os ipados
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-1781

    A privacy issue existed in the handling of Contact cards. This was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A malicio... Read more

    Affected Products : macos mac_os_x iphone_os ipados
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-9964

    A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 14.0 and iPadOS 14.0. A local user may be able to read kernel memory.... Read more

    Affected Products : iphone_os ipados
    • Published: Oct. 16, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-35874

    In the Linux kernel, the following vulnerability has been resolved: aio: Fix null ptr deref in aio_complete() wakeup list_del_init_careful() needs to be the last access to the wait queue entry - it effectively unlocks access. Previously, finish_wait() ... Read more

    Affected Products : linux_kernel
    • Published: May. 19, 2024
    • Modified: Dec. 30, 2024

  • 5.5

    MEDIUM
    CVE-2021-1852

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.5 and iPadOS 14.5. A local user may be able to read kernel memory.... Read more

    Affected Products : iphone_os ipados
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-7970

    The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both ar... Read more

    • Published: Oct. 13, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 292811 Results