Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2019-20167

    An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function senc_Parse() in isomedia/box_code_drm.c.... Read more

    Affected Products : gpac
    • EPSS Score: %0.29
    • Published: Dec. 31, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-20093

    The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp.... Read more

    Affected Products : fedora podofo
    • EPSS Score: %0.75
    • Published: Dec. 30, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-20053

    An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.... Read more

    Affected Products : leap backports upx upx
    • EPSS Score: %0.36
    • Published: Dec. 27, 2019
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2024-31211

    WordPress is an open publishing platform for the Web. Unserialization of instances of the `WP_HTML_Token` class allows for code execution via its `__destruct()` magic method. This issue was fixed in WordPress 6.4.2 on December 6th, 2023. Versions prior to... Read more

    Affected Products : wordpress
    • Published: Apr. 04, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-6720

    An XSS vulnerability stored in Repox has been identified, which allows a local attacker to store a specially crafted JavaScript payload on the server, due to the lack of proper sanitisation of field elements, allowing the attacker to trigger the malicious... Read more

    Affected Products : repox
    • EPSS Score: %0.06
    • Published: Dec. 13, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-45256

    A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via asm/preproc.c.... Read more

    Affected Products : netwide_assembler nasm
    • EPSS Score: %0.14
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-6622

    A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service.... Read more

    Affected Products : linux_kernel enterprise_linux fedora
    • EPSS Score: %0.01
    • Published: Dec. 08, 2023
    • Modified: Jun. 25, 2025

  • 5.5

    MEDIUM
    CVE-2023-45846

    Incomplete cleanup in Intel(R) Power Gadget software for macOS all versions may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products : macos power_gadget
    • Published: May. 16, 2024
    • Modified: Aug. 28, 2025

  • 5.5

    MEDIUM
    CVE-2023-50120

    MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop in the function av1_uvlc at media_tools/av_parsers.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.... Read more

    Affected Products : gpac
    • EPSS Score: %0.07
    • Published: Jan. 10, 2024
    • Modified: Jun. 17, 2025

  • 5.5

    MEDIUM
    CVE-2022-38233

    XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::readMCURow() at /xpdf/Stream.cc.... Read more

    Affected Products : xpdf
    • EPSS Score: %0.05
    • Published: Aug. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-6560

    An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Dec. 09, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-6525

    The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the progress bar element attributes in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping. This makes i... Read more

    • Published: Mar. 16, 2024
    • Modified: Jan. 08, 2025

  • 5.5

    MEDIUM
    CVE-2021-46050

    A Stack Overflow vulnerability exists in Binaryen 103 via the printf_common function.... Read more

    Affected Products : binaryen
    • EPSS Score: %0.19
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-33463

    An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr__copy_except() in libyasm/expr.c.... Read more

    Affected Products : yasm
    • EPSS Score: %0.14
    • Published: Jul. 26, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-33461

    An issue was discovered in yasm version 1.3.0. There is a use-after-free in yasm_intnum_destroy() in libyasm/intnum.c.... Read more

    Affected Products : yasm
    • EPSS Score: %0.14
    • Published: Jul. 26, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-32275

    An issue was discovered in faust through v2.30.5. A NULL pointer dereference exists in the function CosPrim::computeSigOutput() located in cosprim.hh. It allows an attacker to cause Denial of Service.... Read more

    Affected Products : faust
    • EPSS Score: %0.14
    • Published: Sep. 20, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35919

    An issue was discovered in the net2 crate before 0.2.36 for Rust. It has false expectations about the std::net::SocketAddr memory representation.... Read more

    Affected Products : net2
    • EPSS Score: %0.05
    • Published: Dec. 31, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-20628

    An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a Use-After-Free vulnerability in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file.... Read more

    Affected Products : gpac
    • EPSS Score: %0.38
    • Published: Mar. 24, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-20166

    An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gf_isom_dump() in isomedia/box_dump.c.... Read more

    Affected Products : gpac
    • EPSS Score: %0.29
    • Published: Dec. 31, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-19308

    In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section (due to a g_strconcat call that returns NULL).... Read more

    Affected Products : gnome-font-viewer
    • EPSS Score: %0.29
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292318 Results