Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2018-7740

    The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system cal... Read more

    • Published: Mar. 07, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-1000036

    In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.... Read more

    Affected Products : debian_linux mupdf
    • Published: May. 24, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-27875

    A logic issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15. Privacy Indicators for microphone or camera access may be attributed incorrectly.... Read more

    Affected Products : macos
    • Published: Sep. 17, 2024
    • Modified: Mar. 25, 2025

  • 5.5

    MEDIUM
    CVE-2014-1685

    The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2.2.x before 2.2.2rc1 allows remote "Zabbix Admin" users to modify the media of arbitrary users via unspecified vectors.... Read more

    Affected Products : fedora zabbix
    • Published: May. 08, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2018-1000199

    The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. T... Read more

    • Published: May. 24, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-28941

    An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invali... Read more

    Affected Products : linux_kernel fedora debian_linux
    • Published: Nov. 19, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-28935

    NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is n... Read more

    • Published: Dec. 07, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-2085

    The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack.... Read more

    Affected Products : linux_kernel
    • Published: Apr. 27, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2017-6188

    Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user.... Read more

    Affected Products : debian_linux munin
    • Published: Feb. 22, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6500

    An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read.... Read more

    Affected Products : debian_linux imagemagick
    • Published: Mar. 06, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-6966

    readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations... Read more

    Affected Products : binutils
    • Published: Mar. 17, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7029

    An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to bypass ... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • Published: Jul. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7472

    The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.... Read more

    Affected Products : linux_kernel
    • Published: May. 11, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-1383

    Apple TV before 6.1.2 allows remote authenticated users to bypass an intended password requirement for iTunes Store purchase transactions via unspecified vectors.... Read more

    Affected Products : tvos apple_tv
    • Published: Jul. 01, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2017-7608

    The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.... Read more

    Affected Products : ubuntu_linux debian_linux elfutils
    • Published: Apr. 09, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-27816

    A logic issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker may be able to access user data.... Read more

    Affected Products : macos iphone_os tvos watchos ipad_os ipados
    • Published: May. 14, 2024
    • Modified: Dec. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-27805

    An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Jun. 10, 2024
    • Modified: Mar. 25, 2025

  • 5.5

    MEDIUM
    CVE-2024-27792

    This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • Published: Jun. 10, 2024
    • Modified: Mar. 13, 2025

  • 5.5

    MEDIUM
    CVE-2024-27809

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • Published: Jul. 29, 2024
    • Modified: Mar. 13, 2025

  • 5.5

    MEDIUM
    CVE-2010-1975

    PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, and 8.4 before 8.4.4 does not properly check privileges during certain RESET ALL operations, which allows remote authenticated users to remove arbitr... Read more

    Affected Products : postgresql
    • Published: May. 19, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 293496 Results