Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2020-27004

    A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of CGM files. This could result in a memory acces... Read more

    Affected Products : jt2go teamcenter_visualization
    • Published: Feb. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-18786

    In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem.... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-28902

    Windows Remote Access Connection Manager Information Disclosure Vulnerability... Read more

    • Published: Apr. 09, 2024
    • Modified: Jan. 08, 2025

  • 5.5

    MEDIUM
    CVE-2016-4578

    sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_... Read more

    • Published: May. 23, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2020-28361

    Kamailio before 5.4.0, as used in Sip Express Router (SER) in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the remove_hf function in the Kamailio te... Read more

    Affected Products : kamailio
    • Published: Nov. 18, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-8898

    The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file.... Read more

    Affected Products : imagemagick
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2020-35910

    An issue was discovered in the lock_api crate before 0.4.2 for Rust. A data race can occur because of MappedMutexGuard unsoundness.... Read more

    Affected Products : lock_api
    • Published: Dec. 31, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-27079

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info->domain may not yet be assigned by the time the release... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Mar. 05, 2025

  • 5.5

    MEDIUM
    CVE-2024-27300

    phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The `email` field in phpMyFAQ's user control panel page is vulnerable to stored XSS attacks due to the inadequacy of PHP's `FILTER_VALIDATE_EMAIL` funct... Read more

    Affected Products : phpmyfaq
    • Published: Mar. 25, 2024
    • Modified: Jan. 09, 2025

  • 5.5

    MEDIUM
    CVE-2024-27078

    In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpg_alloc In tpg_alloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwi... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Dec. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-27073

    In the Linux kernel, the following vulnerability has been resolved: media: ttpci: fix two memleaks in budget_av_attach When saa7146_register_device and saa7146_vv_init fails, budget_av_attach should free the resources it allocates, like the error-handli... Read more

    Affected Products : linux_kernel debian_linux
    • Published: May. 01, 2024
    • Modified: Apr. 08, 2025

  • 5.5

    MEDIUM
    CVE-2020-36774

    plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash).... Read more

    Affected Products : glade
    • Published: Feb. 19, 2024
    • Modified: May. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-27076

    In the Linux kernel, the following vulnerability has been resolved: media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak Free the memory allocated in v4l2_ctrl_handler_init on release.... Read more

    Affected Products : linux_kernel debian_linux
    • Published: May. 01, 2024
    • Modified: Dec. 23, 2024

  • 5.5

    MEDIUM
    CVE-2020-0937

    An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0939, CVE-2020-0945, CVE-2020-0946, CVE-2020-0947.... Read more

    • Published: Apr. 15, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-27074

    In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007_load_encoder In go7007_load_encoder, bounce(i.e. go->boot_fw), is allocated without a deallocation thereafter. After the following call chain: sa... Read more

    Affected Products : linux_kernel debian_linux
    • Published: May. 01, 2024
    • Modified: Dec. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-27064

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain If nft_netdev_register_hooks() fails, the memory associated with nft_stats is not freed, causing a memory leak. This patch... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Dec. 23, 2024

  • 5.5

    MEDIUM
    CVE-2020-3917

    This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to use an SSH client provided by private frameworks.... Read more

    Affected Products : iphone_os tvos watchos ipados
    • Published: Apr. 01, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-27072

    In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Remove useless locks in usbtv_video_free() Remove locks calls in usbtv_video_free() because are useless and may led to a deadlock as reported here: https://syzkaller.appsp... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Apr. 08, 2025

  • 5.5

    MEDIUM
    CVE-2024-27071

    In the Linux kernel, the following vulnerability has been resolved: backlight: hx8357: Fix potential NULL pointer dereference The "im" pins are optional. Add missing check in the hx8357_probe().... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Dec. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-27060

    In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix NULL pointer dereference in tb_port_update_credits() Olliver reported that his system crashes when plugging in Thunderbolt 1 device: BUG: kernel NULL pointer derefere... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Dec. 23, 2024
Showing 20 of 293330 Results