Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2020-23567

    Irfanview v4.53 allows attackers to to cause a denial of service (DoS) via a crafted JPEG 2000 file. Related to "Integer Divide By Zero starting at JPEG2000!ShowPlugInSaveOptions_W+0x00000000000082ea"... Read more

    Affected Products : irfanview
    • Published: Nov. 05, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-5759

    jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via a crafted file.... Read more

    Affected Products : mujs
    • Published: Jan. 24, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-23561

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000005722.... Read more

    Affected Products : irfanview
    • Published: Jul. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-5656

    The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack.... Read more

    Affected Products : ubuntu_linux fedora opensuse inkscape
    • Published: Jan. 18, 2013
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2020-23563

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba.... Read more

    Affected Products : irfanview
    • Published: Jul. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-9055

    JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c.... Read more

    Affected Products : jasper
    • Published: Mar. 27, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-1071

    zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service.... Read more

    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-23282

    The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. A maliciously crafted email may be able to initiate FaceTime calls without user authorization.... Read more

    Affected Products : macos iphone_os watchos ipados
    • Published: Jun. 10, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-1106

    An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a syst... Read more

    • Published: Apr. 23, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-11232

    The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.... Read more

    Affected Products : linux_kernel
    • Published: May. 18, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-23272

    A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. A user may gain access to protected parts of the file system.... Read more

    Affected Products : macos
    • Published: Mar. 08, 2024
    • Modified: Mar. 28, 2025

  • 5.5

    MEDIUM
    CVE-2017-7542

    The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.... Read more

    Affected Products : linux_kernel
    • Published: Jul. 21, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-23266

    The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to modify protected parts of the file system.... Read more

    Affected Products : macos
    • Published: Mar. 08, 2024
    • Modified: Mar. 25, 2025

  • 5.5

    MEDIUM
    CVE-2024-23231

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6. An app may be able to access user-sen... Read more

    Affected Products : macos iphone_os watchos ipad_os ipados
    • Published: Mar. 08, 2024
    • Modified: Dec. 20, 2024

  • 5.5

    MEDIUM
    CVE-2019-1046

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There... Read more

    • Published: Jun. 12, 2019
    • Modified: May. 20, 2025

  • 5.5

    MEDIUM
    CVE-2018-13094

    An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: Jul. 03, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-23269

    An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function in isomedia/stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file.... Read more

    Affected Products : gpac
    • Published: Sep. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-23172

    A vulnerability in all versions of Kuba allows attackers to overwrite arbitrary files in arbitrary directories with crafted Zip files due to improper validation of file paths in .zip archives.... Read more

    Affected Products : kuba
    • Published: Aug. 10, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-8949

    A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.... Read more

    Affected Products : sitescope
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-23215

    An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Jan. 23, 2024
    • Modified: May. 30, 2025
Showing 20 of 293186 Results