Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-7452

    The iwbmp_read_info_header function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.... Read more

    Affected Products : imageworsener imageworsener
    • EPSS Score: %0.27
    • Published: Apr. 06, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2025-21684

    In the Linux kernel, the following vulnerability has been resolved: gpio: xilinx: Convert gpio_lock to raw spinlock irq_chip functions may be called in raw spinlock context. Therefore, we must also use a raw spinlock for our own internal locking. This ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 09, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2025-21683

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpf_sk_select_reuseport() memory leak As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUS... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2025
    • Modified: Feb. 03, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-21681

    In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix lockup on tx to unregistering netdev with carrier Commit in a fixes tag attempted to fix the issue in the following sequence of calls: do_output -> ovs_vport_s... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2017-7143

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Captive Network Assistant" component. It allows remote attackers to discover cleartext passwords in opportunistic circumstances by sniffing the netw... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.07
    • Published: Oct. 23, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7119

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.25
    • Published: Oct. 23, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7097

    An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Mail MessageUI" component. It allows attackers to cause a denial of service (memory corruption) via a crafted image.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.29
    • Published: Oct. 23, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7074

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "AppSandbox" component. It allows attackers to cause a denial of service via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.18
    • Published: Oct. 23, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7072

    An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "iBooks" component. It allows remote attackers to cause a denial of service (persistent outage) via a crafted iBooks file.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.28
    • Published: Oct. 23, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-7045

    An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.25
    • Published: Jul. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2025-21666

    In the Linux kernel, the following vulnerability has been resolved: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] Recent reports have shown how we sometimes call vsock_*_has_data() when a vsock socket has been de-assigned from a transport... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2025
    • Modified: Feb. 03, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-21665

    In the Linux kernel, the following vulnerability has been resolved: filemap: avoid truncating 64-bit offset to 32 bits On 32-bit kernels, folio_seek_hole_data() was inadvertently truncating a 64-bit value to 32 bits, leading to a possible infinite loop ... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2025
    • Modified: Feb. 03, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2017-6976

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Sandbox Profiles" component. It allows attackers to bypass intended access restrictions (for iCloud user records) via a crafted app.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.23
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2025-21644

    In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix tlb invalidation when wedging If GuC fails to load, the driver wedges, but in the process it tries to do stuff that may not be initialized yet. This moves the xe_gt_tlb_inva... Read more

    Affected Products : linux_kernel
    • Published: Jan. 19, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2017-6404

    An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup Appliance Before 2.7. There are world-writable log files, allowing destruction or spoofing of log data.... Read more

    Affected Products : netbackup_appliance netbackup
    • EPSS Score: %0.05
    • Published: Mar. 02, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2025-21640

    In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different re... Read more

    Affected Products : linux_kernel
    • Published: Jan. 19, 2025
    • Modified: Apr. 10, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2017-6270

    NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation during a calculation which may lead to a potential divide by zero an... Read more

    Affected Products : android windows gpu_driver
    • EPSS Score: %0.05
    • Published: Sep. 22, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2025-21637

    In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: udp_port: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: ... Read more

    Affected Products : linux_kernel
    • Published: Jan. 19, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2017-6197

    The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by the r_read_le32 function.... Read more

    Affected Products : radare2
    • EPSS Score: %0.28
    • Published: Feb. 24, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-5994

    Heap-based buffer overflow in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and crash) via the num_elements parameter.... Read more

    Affected Products : virglrenderer
    • EPSS Score: %0.07
    • Published: Mar. 15, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291295 Results