Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2020-36775

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock Using f2fs_trylock_op() in f2fs_write_compressed_pages() to avoid potential deadlock like we did in f2fs_write_single_data_page().... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2024
    • Modified: Jul. 11, 2025

  • 5.5

    MEDIUM
    CVE-2020-36427

    GNOME gThumb before 3.10.1 allows an application crash via a malformed JPEG image.... Read more

    Affected Products : gthumb
    • EPSS Score: %0.19
    • Published: Jul. 19, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35921

    An issue was discovered in the miow crate before 0.3.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation.... Read more

    Affected Products : miow
    • EPSS Score: %0.06
    • Published: Dec. 31, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35535

    In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when processing srf files.... Read more

    Affected Products : libraw
    • EPSS Score: %0.02
    • Published: Sep. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-19727

    SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions.... Read more

    Affected Products : leap slurm
    • EPSS Score: %0.05
    • Published: Jan. 13, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-3468

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interfac... Read more

    Affected Products : sd-wan_firmware sd-wan_vmanage
    • EPSS Score: %0.15
    • Published: Jul. 16, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-3434

    A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. To exploit this vulnera... Read more

    Affected Products : anyconnect_secure_mobility_client
    • EPSS Score: %0.16
    • Published: Aug. 17, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-3352

    A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access hidden commands. The vulnerability is due to the presence of undocumented configuration commands. An attacker could exploit ... Read more

    Affected Products : firepower_threat_defense
    • EPSS Score: %0.06
    • Published: Oct. 21, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-3347

    A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. The vulnerability is due to unsafe usage of shared memory that is used by the affec... Read more

    • EPSS Score: %0.07
    • Published: Jun. 18, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-29613

    A logic issue was addressed with improved state management. This issue is fixed in iOS 14.3 and iPadOS 14.3. An enterprise application installation prompt may display the wrong domain.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.19
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-28361

    Kamailio before 5.4.0, as used in Sip Express Router (SER) in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the remove_hf function in the Kamailio te... Read more

    Affected Products : kamailio
    • EPSS Score: %0.17
    • Published: Nov. 18, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-27937

    A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.0.1. A malicious application may be able to access private informat... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.58
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-27929

    A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.4.9. A user may send video in Group FaceTime calls without knowing that they have done so.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.19
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-27925

    An issue existed in the handling of incoming calls. The issue was addressed with additional state checks. This issue is fixed in iOS 14.2 and iPadOS 14.2. A user may answer two calls simultaneously without indication they have answered a second call.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.06
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-27900

    An issue existed in the handling of snapshots. The issue was resolved with improved permissions logic. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to preview files it does not have access to.... Read more

    Affected Products : macos
    • EPSS Score: %0.23
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-27829

    A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service in ImageMagick before 7.0.10-45.... Read more

    Affected Products : imagemagick
    • EPSS Score: %0.15
    • Published: Mar. 26, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-16167

    sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.... Read more

    • EPSS Score: %0.18
    • Published: Sep. 09, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-27802

    An floating point exception was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.... Read more

    Affected Products : upx upx
    • EPSS Score: %0.13
    • Published: Aug. 25, 2022
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2020-27797

    An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.... Read more

    Affected Products : upx upx
    • EPSS Score: %0.09
    • Published: Aug. 25, 2022
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2021-28674

    The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node (outside of the attacker's perimeter) via an account with write permissions. This occurs because node IDs are predictable (with increme... Read more

    Affected Products : orion_platform
    • EPSS Score: %0.37
    • Published: Jul. 30, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291384 Results