Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2016-2085

    The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack.... Read more

    Affected Products : linux_kernel
    • Published: Apr. 27, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2017-6188

    Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user.... Read more

    Affected Products : debian_linux munin
    • Published: Feb. 22, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6500

    An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read.... Read more

    Affected Products : debian_linux imagemagick
    • Published: Mar. 06, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6966

    readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations... Read more

    Affected Products : binutils
    • Published: Mar. 17, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7029

    An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to bypass ... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: Jul. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7472

    The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.... Read more

    Affected Products : linux_kernel
    • Published: May. 11, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-1383

    Apple TV before 6.1.2 allows remote authenticated users to bypass an intended password requirement for iTunes Store purchase transactions via unspecified vectors.... Read more

    Affected Products : tvos apple_tv
    • Published: Jul. 01, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2017-7608

    The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.... Read more

    Affected Products : ubuntu_linux debian_linux elfutils
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-27816

    A logic issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker may be able to access user data.... Read more

    Affected Products : macos iphone_os tvos watchos ipad_os ipados
    • Published: May. 14, 2024
    • Modified: Dec. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-27805

    An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Jun. 10, 2024
    • Modified: Mar. 25, 2025

  • 5.5

    MEDIUM
    CVE-2024-27792

    This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • Published: Jun. 10, 2024
    • Modified: Mar. 13, 2025

  • 5.5

    MEDIUM
    CVE-2024-27809

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • Published: Jul. 29, 2024
    • Modified: Mar. 13, 2025

  • 5.5

    MEDIUM
    CVE-2010-1975

    PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, and 8.4 before 8.4.4 does not properly check privileges during certain RESET ALL operations, which allows remote authenticated users to remove arbitr... Read more

    Affected Products : postgresql
    • Published: May. 19, 2010
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2024-27437

    In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Disable auto-enable of exclusive INTx IRQ Currently for devices requiring masking at the irqchip for INTx, ie. devices without DisINTx support, the IRQ is enabled in request_i... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 05, 2024
    • Modified: Mar. 27, 2025

  • 5.5

    MEDIUM
    CVE-2017-17820

    In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors.... Read more

    Affected Products : ubuntu_linux netwide_assembler nasm
    • Published: Dec. 21, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2019-14274

    MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c.... Read more

    Affected Products : leap backports_sle mcpp
    • Published: Jul. 26, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-10882

    A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.... Read more

    • Published: Jul. 27, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-27388

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in t... Read more

    Affected Products : linux_kernel debian_linux
    • Published: May. 01, 2024
    • Modified: Jan. 14, 2025

  • 5.5

    MEDIUM
    CVE-2024-27365

    An issue was discovered in Samsung Mobile Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_blockack_ind(), there is no input validation check on a l... Read more

    • Published: Sep. 09, 2024
    • Modified: Mar. 14, 2025

  • 5.5

    MEDIUM
    CVE-2014-125023

    A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be lau... Read more

    Affected Products : ffmpeg
    • Published: Jun. 19, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 293304 Results