Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2020-27673

    An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.... Read more

    Affected Products : linux_kernel debian_linux leap xen
    • Published: Oct. 22, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-5430

    The Jazz Team Server component in IBM Security AppScan Enterprise 8.x before 8.8 has a default username and password, which makes it easier for remote authenticated users to obtain unspecified access to this component by leveraging this credential informa... Read more

    Affected Products : security_appscan
    • Published: Oct. 28, 2013
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2024-49856

    In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all other EPC sections are used up, CPU can get stuck inside t... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-44186

    An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • Published: Sep. 17, 2024
    • Modified: Mar. 18, 2025

  • 5.5

    MEDIUM
    CVE-2025-21862

    In the Linux kernel, the following vulnerability has been resolved: drop_monitor: fix incorrect initialization order Syzkaller reports the following bug: BUG: spinlock bad magic on CPU#1, syz-executor.0/7995 lock: 0xffff88805303f3e0, .magic: 00000000,... Read more

    Affected Products : linux_kernel
    • Published: Mar. 12, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2019-9209

    In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.... Read more

    Affected Products : ubuntu_linux debian_linux leap wireshark
    • Published: Feb. 28, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-23290

    A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Mar. 08, 2024
    • Modified: Dec. 09, 2024

  • 5.5

    MEDIUM
    CVE-2025-22006

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix NAPI registration sequence Registering the interrupts for TX or RX DMA Channels prior to registering their respective NAPI callbacks can result in a NU... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2025
    • Modified: Apr. 10, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2024-44931

    In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by callin... Read more

    Affected Products : linux_kernel
    • Published: Aug. 26, 2024
    • Modified: Nov. 08, 2024

  • 5.5

    MEDIUM
    CVE-2007-4418

    IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors. NOTE: this issue is probably related to CVE-2007-1089, but th... Read more

    Affected Products : db2_universal_database
    • Published: Aug. 18, 2007
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2024-42070

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DA... Read more

    Affected Products : linux_kernel
    • Published: Jul. 29, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-25741

    printer_write in drivers/usb/gadget/function/f_printer.c in the Linux kernel through 6.7.4 does not properly call usb_ep_queue, which might allow attackers to cause a denial of service or have unspecified other impact.... Read more

    Affected Products : linux_kernel
    • Published: Feb. 12, 2024
    • Modified: Mar. 13, 2025

  • 5.5

    MEDIUM
    CVE-2020-27368

    Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows attacker to access /icons/ directories via GET Parameter.... Read more

    Affected Products : a702r_firmware a702r
    • Published: Jan. 14, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-46795

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 20, 2024

  • 5.5

    MEDIUM
    CVE-2025-24108

    An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.3. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-47229

    libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service (var_set_leave_quiet assertion failure and application exit) via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/var... Read more

    Affected Products : pspp
    • Published: May. 03, 2025
    • Modified: Jul. 18, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2023-42900

    The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-45004

    In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak of blob encryption key Trusted keys unseal the key blob on load, but keep the sealed payload in the blob field so that every subsequent read (export) will s... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 09, 2024

  • 5.5

    MEDIUM
    CVE-2024-25654

    Insecure permissions for log files of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allow members (with local access to the UMP application server) to access credentials to authenticate to all services, and to decrypt sensitive data stored ... Read more

    Affected Products : unified_management_platform
    • Published: Mar. 18, 2024
    • Modified: Mar. 14, 2025

  • 5.5

    MEDIUM
    CVE-2024-30283

    Adobe Framemaker versions 2020.5, 2022.3 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitat... Read more

    Affected Products : windows framemaker
    • Published: May. 16, 2024
    • Modified: Dec. 02, 2024
Showing 20 of 293343 Results