Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-26596

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECH... Read more

    Affected Products : linux_kernel
    • Published: Feb. 23, 2024
    • Modified: Feb. 21, 2025

  • 5.5

    MEDIUM
    CVE-2016-2317

    Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransfo... Read more

    • Published: Feb. 03, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2020-27900

    An issue existed in the handling of snapshots. The issue was resolved with improved permissions logic. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to preview files it does not have access to.... Read more

    Affected Products : macos
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-41946

    pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either `PreparedStatement.setText(int, InputStream)` or `PreparedStatemet.setBytea(int, InputStream)` will create a temporary file if the InputStream is large... Read more

    Affected Products : debian_linux postgresql_jdbc_driver
    • Published: Nov. 23, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-7460

    A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows executio... Read more

    Affected Products : application_control change_control
    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2020-27896

    A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1. A remote attacker may be able to modify the file system.... Read more

    Affected Products : macos mac_os_x
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-4269

    A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 05, 2022
    • Modified: Apr. 14, 2025

  • 5.5

    MEDIUM
    CVE-2022-48468

    protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member.... Read more

    Affected Products : protobuf-c
    • Published: Apr. 13, 2023
    • Modified: Feb. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-26591

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix re-attachment branch in bpf_tracing_prog_attach The following case can cause a crash due to missing attach_btf: 1) load rawtp program 2) load fentry program with rawtp as targ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 22, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-3357

    A NULL pointer dereference flaw was found in the Linux kernel AMD Sensor Fusion Hub driver. This flaw allows a local user to crash the system.... Read more

    Affected Products : linux_kernel
    • Published: Jun. 28, 2023
    • Modified: Mar. 10, 2025

  • 5.5

    MEDIUM
    CVE-2020-27842

    There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability.... Read more

    • Published: Jan. 05, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-25635

    A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality.... Read more

    Affected Products : ansible
    • Published: Oct. 05, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26462

    Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.... Read more

    • Published: Feb. 29, 2024
    • Modified: Mar. 25, 2025

  • 5.5

    MEDIUM
    CVE-2020-14347

    A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before versio... Read more

    • Published: Aug. 05, 2020
    • Modified: Aug. 29, 2025

  • 5.5

    MEDIUM
    CVE-2020-27830

    A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.... Read more

    Affected Products : linux_kernel debian_linux
    • Published: May. 13, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-7203

    gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup.... Read more

    Affected Products : gitolite
    • Published: Sep. 21, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-2145

    Jenkins Zephyr Enterprise Test Management Plugin 1.9.1 and earlier stores its Zephyr password in plain text on the Jenkins master file system.... Read more

    Affected Products : zephyr_enterprise_test_management
    • Published: Mar. 09, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26308

    Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26. Users are recommended to upgrade to version 1.26, which fixes the issue.... Read more

    Affected Products : commons_compress commons-compress
    • Published: Feb. 19, 2024
    • Modified: Mar. 27, 2025

  • 5.5

    MEDIUM
    CVE-2020-27829

    A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service in ImageMagick before 7.0.10-45.... Read more

    Affected Products : imagemagick
    • Published: Mar. 26, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-7108

    Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash... Read more

    Affected Products : nagios icinga
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025
Showing 20 of 293436 Results