Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-41779

    There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the vulnerability is exploited by an attacker with the common user permission, the physical machine will be crashed. ... Read more

    • EPSS Score: %0.02
    • Published: Jan. 03, 2024
    • Modified: Jan. 28, 2025

  • 5.5

    MEDIUM
    CVE-2018-9345

    In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not ne... Read more

    Affected Products : android
    • Published: Nov. 19, 2024
    • Modified: Nov. 22, 2024

  • 5.5

    MEDIUM
    CVE-2016-10028

    The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a VIRTIO_GPU_CMD... Read more

    Affected Products : qemu
    • EPSS Score: %0.09
    • Published: Feb. 27, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-0662

    Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Partition.... Read more

    Affected Products : mysql
    • EPSS Score: %0.15
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-0657

    Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect confidentiality via vectors related to JSON.... Read more

    Affected Products : mysql
    • EPSS Score: %0.18
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2022-1475

    An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file.... Read more

    Affected Products : ffmpeg
    • EPSS Score: %0.13
    • Published: May. 02, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52627

    In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio event... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Mar. 26, 2024
    • Modified: Apr. 29, 2025

  • 5.5

    MEDIUM
    CVE-2015-8926

    The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.... Read more

    • EPSS Score: %0.41
    • Published: Sep. 20, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2022-0852

    There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the password via the process command line via e.g. htop or ... Read more

    Affected Products : enterprise_linux convert2rhel
    • EPSS Score: %0.11
    • Published: Aug. 29, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-8742

    The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service (memory consumption or application ... Read more

    Affected Products : wireshark
    • EPSS Score: %0.09
    • Published: Jan. 04, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2023-52625

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface [Why] We can hang in place trying to send commands when the DMCUB isn't powered on. [How] We need to exit out of the idle stat... Read more

    Affected Products : linux_kernel
    • Published: Mar. 26, 2024
    • Modified: Mar. 17, 2025

  • 5.5

    MEDIUM
    CVE-2023-52622

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbg_size, mkfs.ext4 -F -G 67108864 $dev -b 4096 100M ... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Mar. 26, 2024
    • Modified: Mar. 17, 2025

  • 5.5

    MEDIUM
    CVE-2023-41254

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to access sensitiv... Read more

    Affected Products : macos iphone_os watchos ipados
    • EPSS Score: %0.03
    • Published: Oct. 25, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-41234

    NULL pointer dereference in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products : windows power_gadget
    • Published: May. 16, 2024
    • Modified: Aug. 28, 2025

  • 5.5

    MEDIUM
    CVE-2021-45297

    An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size.... Read more

    Affected Products : gpac
    • EPSS Score: %0.10
    • Published: Dec. 21, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-44741

    Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this... Read more

    • EPSS Score: %0.92
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-41253

    When on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created, it is logged in plaintext in the audit log.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.... Read more

    • EPSS Score: %0.23
    • Published: Oct. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-43758

    Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation o... Read more

    Affected Products : macos media_encoder windows
    • EPSS Score: %0.04
    • Published: Jul. 12, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-43227

    Storage Spaces Controller Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.51
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-41077

    An app may be able to access protected user data. This issue is fixed in macOS Sonoma 14, macOS Ventura 13.6.1. The issue was addressed with improved checks.... Read more

    Affected Products : macos
    • EPSS Score: %0.05
    • Published: Oct. 25, 2023
    • Modified: Jun. 12, 2025
Showing 20 of 292278 Results