Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2015-8818

    The cpu_physical_memory_write_rom_internal function in exec.c in QEMU (aka Quick Emulator) does not properly skip MMIO regions, which allows local privileged guest users to cause a denial of service (guest crash) via unspecified vectors.... Read more

    Affected Products : qemu
    • EPSS Score: %0.09
    • Published: Dec. 29, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-8730

    epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) v... Read more

    Affected Products : wireshark
    • EPSS Score: %1.04
    • Published: Jan. 04, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-8729

    The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a deni... Read more

    Affected Products : wireshark
    • EPSS Score: %0.88
    • Published: Jan. 04, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2019-14591

    Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.... Read more

    • EPSS Score: %0.16
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-8716

    The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafte... Read more

    Affected Products : wireshark
    • EPSS Score: %0.08
    • Published: Jan. 04, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-7555

    Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file.... Read more

    Affected Products : fedora giflib
    • EPSS Score: %0.30
    • Published: Apr. 13, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2019-14295

    An Integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an allocation... Read more

    Affected Products : upx upx
    • EPSS Score: %0.25
    • Published: Jul. 27, 2019
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2019-14289

    An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case.... Read more

    Affected Products : xpdfreader
    • EPSS Score: %0.16
    • Published: Jul. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-14293

    An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2.... Read more

    Affected Products : xpdfreader
    • EPSS Score: %0.16
    • Published: Jul. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-14292

    An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1.... Read more

    Affected Products : xpdfreader
    • EPSS Score: %0.17
    • Published: Jul. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-14290

    An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2.... Read more

    Affected Products : xpdfreader
    • EPSS Score: %0.16
    • Published: Jul. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-1350

    The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a fail... Read more

    • EPSS Score: %0.03
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2014-9900

    The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive informatio... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %0.14
    • Published: Aug. 06, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2014-9808

    ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.... Read more

    Affected Products : imagemagick
    • EPSS Score: %0.45
    • Published: Mar. 30, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2014-9805

    ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.... Read more

    Affected Products : imagemagick
    • EPSS Score: %0.46
    • Published: Mar. 30, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2019-14248

    In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled.... Read more

    Affected Products : netwide_assembler
    • EPSS Score: %0.14
    • Published: Jul. 24, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-5118

    Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability... Read more

    Affected Products : enterprise_linux fedora trusted_boot
    • EPSS Score: %0.05
    • Published: Nov. 18, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-14115

    u'Information disclosure issue occurs as in current logic as secure touch is released without clearing the display session which can result in user reading the secure input while touch is in non-secure domain as secure display is active' in Snapdragon Aut... Read more

    • EPSS Score: %0.04
    • Published: Sep. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-14075

    Null pointer dereference issue in radio interface layer due to lack of null check in sapmodule destructor in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MS... Read more

    • EPSS Score: %0.04
    • Published: Apr. 16, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-14067

    Using non-time-constant functions like memcmp to compare sensitive data can lead to information leakage through timing side channel issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,... Read more

    • EPSS Score: %0.04
    • Published: Jun. 02, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 292386 Results