Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-26977

    In the Linux kernel, the following vulnerability has been resolved: pci_iounmap(): Fix MMIO mapping leak The #ifdef ARCH_HAS_GENERIC_IOPORT_MAP accidentally also guards iounmap(), which means MMIO mappings are leaked. Move the guard so we call iounmap(... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-27871

    A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6. An app may be able to access protected user data.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jul. 29, 2024
    • Modified: Mar. 14, 2025

  • 5.5

    MEDIUM
    CVE-2024-23264

    A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An application may b... Read more

    Affected Products : macos iphone_os tvos ipados visionos
    • Published: Mar. 08, 2024
    • Modified: Dec. 09, 2024

  • 5.5

    MEDIUM
    CVE-2020-27753

    There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial ... Read more

    Affected Products : imagemagick
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-53222

    In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in comp_algorithm_show() LTP reported a NULL pointer dereference as followed: CPU: 7 UID: 0 PID: 5995 Comm: cat Kdump: loaded Not tainted 6.12.0-rc6+ #3 Hardwa... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Mar. 24, 2025

  • 5.5

    MEDIUM
    CVE-2024-54484

    The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2024
    • Modified: Dec. 13, 2024

  • 5.5

    MEDIUM
    CVE-2020-27750

    A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned... Read more

    Affected Products : debian_linux imagemagick
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-56769

    In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg Syzbot reports [1] an uninitialized value issue found by KMSAN in dib3000_read_reg(). Local u8 rb[2] is used in i... Read more

    Affected Products : linux_kernel
    • Published: Jan. 06, 2025
    • Modified: Jan. 09, 2025

  • 5.5

    MEDIUM
    CVE-2022-41098

    Windows GDI+ Information Disclosure Vulnerability... Read more

    • Published: Nov. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-4127

    A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc. A local user could use this flaw to potentially crash the system causing a denial of service.... Read more

    Affected Products : linux_kernel
    • Published: Nov. 28, 2022
    • Modified: Jun. 25, 2025

  • 5.5

    MEDIUM
    CVE-2024-40703

    IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and IBM Cognos Analytics Reports for iOS 11.0.0.7 could allow a local attacker to obtain sensitive information in the form of an API key. An attacker could use t... Read more

    • Published: Sep. 22, 2024
    • Modified: Sep. 27, 2024

  • 5.5

    MEDIUM
    CVE-2025-21555

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network ... Read more

    Affected Products : mysql_server
    • Published: Jan. 21, 2025
    • Modified: Apr. 08, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2014-7975

    The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of wr... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: Oct. 13, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2023-36428

    Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability... Read more

    • Published: Nov. 14, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-42144

    In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data Verify that lvts_data is not NULL before using it.... Read more

    Affected Products : linux_kernel
    • Published: Jul. 30, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-5517

    SQL injection vulnerability in the web framework in Cisco Unified Communications Domain Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh96567.... Read more

    • Published: Oct. 02, 2013
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2024-43759

    Illustrator versions 28.6, 27.9.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a DoS con... Read more

    Affected Products : macos windows illustrator
    • Published: Sep. 13, 2024
    • Modified: Sep. 13, 2024

  • 5.5

    MEDIUM
    CVE-2023-52686

    In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-27673

    An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.... Read more

    Affected Products : linux_kernel debian_linux leap xen
    • Published: Oct. 22, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-5430

    The Jazz Team Server component in IBM Security AppScan Enterprise 8.x before 8.8 has a default username and password, which makes it easier for remote authenticated users to obtain unspecified access to this component by leveraging this credential informa... Read more

    Affected Products : security_appscan
    • Published: Oct. 28, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 293280 Results