Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-26177

    Windows Kernel Information Disclosure Vulnerability... Read more

    • Published: Mar. 12, 2024
    • Modified: Dec. 27, 2024

  • 5.5

    MEDIUM
    CVE-2022-37439

    In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts to restart the application would result in a crash and w... Read more

    Affected Products : splunk universal_forwarder
    • Published: Aug. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-47071

    In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix a memory leak in error handling paths If 'vmbus_establish_gpadl()' fails, the (recv|send)_gpadl will not be updated and 'hv_uio_cleanup()' in the error handling path... Read more

    Affected Products : linux_kernel
    • Published: Mar. 01, 2024
    • Modified: Dec. 12, 2024

  • 5.5

    MEDIUM
    CVE-2021-47188

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Improve SCSI abort handling The following has been observed on a test setup: WARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcd_queuecommand+0x468/0x65c... Read more

    Affected Products : linux_kernel
    • Published: Apr. 10, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26172

    Windows DWM Core Library Information Disclosure Vulnerability... Read more

    • Published: Apr. 09, 2024
    • Modified: Jan. 08, 2025

  • 5.5

    MEDIUM
    CVE-2024-26174

    Windows Kernel Information Disclosure Vulnerability... Read more

    • Published: Mar. 12, 2024
    • Modified: Dec. 27, 2024

  • 5.5

    MEDIUM
    CVE-2024-40972

    In the Linux kernel, the following vulnerability has been resolved: ext4: do not create EA inode under buffer lock ext4_xattr_set_entry() creates new EA inodes while holding buffer lock on the external xattr block. This is problematic as it nests all th... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Feb. 03, 2025

  • 5.5

    MEDIUM
    CVE-2024-20713

    Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of t... Read more

    Affected Products : macos windows substance_3d_stager
    • Published: Jan. 10, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-42238

    In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Return error if block header overflows file Return an error from cs_dsp_power_up() if a block header is longer than the amount of data left in the file. The previous ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-43819

    In the Linux kernel, the following vulnerability has been resolved: kvm: s390: Reject memory region operations for ucontrol VMs This change rejects the KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2 ioctls when called on a ucontrol VM. This ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Sep. 03, 2024

  • 5.5

    MEDIUM
    CVE-2022-38410

    Adobe Illustrator versions 26.4 (and earlier) and 25.4.7 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR.... Read more

    Affected Products : macos windows illustrator
    • Published: Sep. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-23230

    This issue was addressed with improved file handling. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Mar. 08, 2024
    • Modified: Dec. 05, 2024

  • 5.5

    MEDIUM
    CVE-2024-44994

    In the Linux kernel, the following vulnerability has been resolved: iommu: Restore lost return in iommu_report_device_fault() When iommu_report_device_fault gets called with a partial fault it is supposed to collect the fault into the group and then ret... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 10, 2024

  • 5.5

    MEDIUM
    CVE-2024-45016

    In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqueue() introduced by commit 5845f706388a ("net: netem: fix skb length BUG_ON in __skb_to_sgvec") that can l... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2024
    • Modified: Sep. 13, 2024

  • 5.5

    MEDIUM
    CVE-2020-27762

    A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char`. This would most likely lead to an im... Read more

    Affected Products : debian_linux imagemagick
    • Published: Dec. 03, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-46751

    In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Instead of doing a BUG_ON() handle the error by returning -EUCLEAN, aborting the transaction and logging an er... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Jun. 04, 2025

  • 5.5

    MEDIUM
    CVE-2022-21985

    Windows Remote Access Connection Manager Information Disclosure Vulnerability... Read more

    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26798

    In the Linux kernel, the following vulnerability has been resolved: fbcon: always restore the old font data in fbcon_do_set_font() Commit a5a923038d70 (fbdev: fbcon: Properly revert changes when vc_resize() failed) started restoring old font data upon f... Read more

    Affected Products : linux_kernel
    • Published: Apr. 04, 2024
    • Modified: Apr. 01, 2025

  • 5.5

    MEDIUM
    CVE-2024-26977

    In the Linux kernel, the following vulnerability has been resolved: pci_iounmap(): Fix MMIO mapping leak The #ifdef ARCH_HAS_GENERIC_IOPORT_MAP accidentally also guards iounmap(), which means MMIO mappings are leaked. Move the guard so we call iounmap(... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-27871

    A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6. An app may be able to access protected user data.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jul. 29, 2024
    • Modified: Mar. 14, 2025
Showing 20 of 293261 Results