Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-52773

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() When ddc_service_construct() is called, it explicitly checks both the link type and whether there is something on... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-26355

    Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue... Read more

    Affected Products : dimension
    • EPSS Score: %0.03
    • Published: Mar. 28, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-1802

    CCCrypt in CommonCrypto in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 mishandles return values during key-length calculations, which allows attackers to obtain sensitive information via a crafted app.... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • EPSS Score: %0.26
    • Published: May. 20, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-10172

    The read_new_config_info function in open_utils.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file.... Read more

    Affected Products : wavpack
    • EPSS Score: %0.43
    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-10170

    The WriteCaffHeader function in cli/caff.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file.... Read more

    Affected Products : wavpack
    • EPSS Score: %0.43
    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-0656

    Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0654.... Read more

    Affected Products : mysql
    • EPSS Score: %0.13
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-0654

    Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0656.... Read more

    Affected Products : mysql
    • EPSS Score: %0.13
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-0653

    Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to FTS.... Read more

    Affected Products : mysql
    • EPSS Score: %0.13
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-8928

    The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.... Read more

    • EPSS Score: %0.30
    • Published: Sep. 20, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2019-12481

    An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function GetESD at isomedia/track.c in libgpac.a, as demonstrated by MP4Box.... Read more

    Affected Products : gpac debian_linux
    • EPSS Score: %0.27
    • Published: May. 30, 2019
    • Modified: Mar. 14, 2025

  • 5.5

    MEDIUM
    CVE-2019-12400

    In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the th... Read more

    • EPSS Score: %0.32
    • Published: Aug. 23, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-12378

    An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE:... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.12
    • Published: May. 28, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-12380

    **DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. N... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.05
    • Published: May. 28, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-26344

    Adobe Dimension versions 3.4.7 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation ... Read more

    Affected Products : dimension
    • EPSS Score: %0.02
    • Published: Mar. 28, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-2620

    An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1. A maintainer could modify a webhook URL to leak masked webhook secret... Read more

    Affected Products : gitlab
    • EPSS Score: %0.09
    • Published: Jul. 13, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-12382

    An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.13
    • Published: May. 28, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-3182

    epan/dissectors/packet-dec-dnart.c in the DECnet NSP/RT dissector in Wireshark 1.10.12 through 1.10.14 mishandles a certain strdup return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.... Read more

    Affected Products : wireshark
    • EPSS Score: %0.09
    • Published: Jan. 04, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2019-11879

    The WEBrick gem 1.4.2 for Ruby allows directory traversal if the attacker once had local access to create a symlink to a location outside of the web root directory. NOTE: The vendor states that this is analogous to Options FollowSymlinks in the Apache HTT... Read more

    Affected Products : webrick
    • EPSS Score: %0.05
    • Published: May. 10, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-1926

    Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 and 11.1.1.9.0, and the Oracle Applications Framework component in Oracle E-Business Suite 12.2.3 and 12.2.4, allows remote authenticated users to af... Read more

    Affected Products : e-business_suite fusion_middleware
    • EPSS Score: %0.28
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-1856

    OpenStack Object Storage (Swift) before 2.3.0, when allow_version is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the x-versions-location container.... Read more

    Affected Products : ubuntu_linux swift
    • EPSS Score: %0.87
    • Published: Apr. 17, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 292321 Results