Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-7207

    The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.... Read more

    Affected Products : ghostscript
    • Published: Mar. 21, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-3753

    AgileBits 1Password through 1.0.9.340 allows security feature bypass... Read more

    Affected Products : 1password
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-28900

    Windows Remote Access Connection Manager Information Disclosure Vulnerability... Read more

    • Published: Apr. 09, 2024
    • Modified: Jan. 08, 2025

  • 5.5

    MEDIUM
    CVE-2020-17490

    The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.... Read more

    Affected Products : debian_linux salt
    • Published: Nov. 06, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35609

    A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability.... Read more

    Affected Products : azure_sphere
    • Published: Dec. 22, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-3690

    arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a d... Read more

    • Published: Nov. 10, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2014-3647

    arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.... Read more

    • Published: Nov. 10, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2020-9598

    Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an invalid memory access vulnerability. Successful exploitation could lead to information disclosure.... Read more

    • Published: Jun. 25, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-3521

    The component in (1) /luci/homebase and (2) /luci/cluster menu in Red Hat Conga 0.12.2 allows remote authenticated users to bypass intended access restrictions via a crafted URL.... Read more

    Affected Products : conga
    • Published: Oct. 06, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2000-0552

    ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information.... Read more

    Affected Products : icq
    • Published: Jun. 06, 2000
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2020-35549

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Any application may establish itself as the default dialer, without user interaction. The Samsung ID is SVE-2020-19172 (December 2020).... Read more

    Affected Products : android
    • Published: Dec. 18, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-3536

    CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration... Read more

    Affected Products : cloudforms_management_engine
    • Published: Dec. 15, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35534

    In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.... Read more

    Affected Products : libraw
    • Published: Sep. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35530

    In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file.... Read more

    Affected Products : debian_linux libraw
    • Published: Sep. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35538

    A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.... Read more

    Affected Products : libjpeg-turbo
    • Published: Aug. 31, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35522

    In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.... Read more

    • Published: Mar. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35507

    There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of thi... Read more

    • Published: Jan. 04, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-9557

    Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : windows bridge
    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35532

    In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field.... Read more

    Affected Products : debian_linux libraw
    • Published: Sep. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-3471

    Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance crash) via hotplug and hotunplug operations of Virtio block devices.... Read more

    Affected Products : qemu
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293507 Results