Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2019-13615

    libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.... Read more

    Affected Products : vlc_media_player
    • EPSS Score: %0.30
    • Published: Jul. 16, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-15704

    The modprobe child process in the ./debian/patches/load_ppp_generic_if_needed patch file incorrectly handled module loading. A local non-root attacker could exploit the MODPROBE_OPTIONS environment variable to read arbitrary root files. Fixed in 2.4.5-5ub... Read more

    Affected Products : ubuntu_linux ppp
    • EPSS Score: %0.05
    • Published: Sep. 01, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-1493

    An information disclosure vulnerability exists when attaching files to Outlook messages. This vulnerability could potentially allow users to share attached files such that they are accessible by anonymous users where they should be restricted to specific ... Read more

    Affected Products : office 365_apps outlook
    • EPSS Score: %30.16
    • Published: Aug. 17, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-14742

    Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having SYSDBA level account privilege... Read more

    Affected Products : core_rdbms database_server
    • EPSS Score: %0.21
    • Published: Oct. 21, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-27481

    ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products utilize an encryption key in the data exchange process, which is hardcoded. This could allow an attacker to gain access to sensitive information.... Read more

    Affected Products : defibrillator_dashboard
    • EPSS Score: %0.03
    • Published: Jun. 16, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-14653

    Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Supported versions that are affected are 16.1.0.0-16.2.20.1, 17.1.0.0-17.12.17.1 and 18.1.0.0-18.8.18.2. Easi... Read more

    • EPSS Score: %0.18
    • Published: Jul. 15, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-1455

    A denial of service vulnerability exists when Microsoft SQL Server Management Studio (SSMS) improperly handles files. An attacker could exploit the vulnerability to trigger a denial of service. To exploit the vulnerability, an attacker would first require... Read more

    Affected Products : sql_server_management_studio
    • EPSS Score: %0.81
    • Published: Aug. 17, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-14335

    A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability ... Read more

    Affected Products : satellite
    • EPSS Score: %0.04
    • Published: Jun. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-16898

    The printMP3Headers function in util/listmp3.c in libming v0.4.8 or earlier is vulnerable to a global buffer overflow, which may allow attackers to cause a denial of service via a crafted file, a different vulnerability than CVE-2016-9264.... Read more

    Affected Products : libming
    • EPSS Score: %0.15
    • Published: Nov. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-15955

    bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an "Access violation near NULL on destination operand" and crash when processing a malformed CUE (.cue) file.... Read more

    Affected Products : debian_linux bchunk
    • EPSS Score: %0.25
    • Published: Oct. 28, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-15953

    bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file.... Read more

    Affected Products : debian_linux bchunk
    • EPSS Score: %0.27
    • Published: Oct. 28, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2020-13288

    In GitLab before 13.0.12, 13.1.6, and 13.2.3, a stored XSS vulnerability exists in the CI/CD Jobs page... Read more

    Affected Products : gitlab
    • EPSS Score: %0.20
    • Published: Aug. 12, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-1325

    Azure DevOps Server and Team Foundation Services Spoofing Vulnerability... Read more

    Affected Products : azure_devops_server
    • EPSS Score: %1.72
    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-14954

    The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted system ca... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.97
    • Published: Oct. 02, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2020-1145

    An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerabilit... Read more

    Affected Products : windows_10 windows_server_2016
    • EPSS Score: %0.49
    • Published: May. 21, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-1120

    A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-... Read more

    Affected Products : windows_10
    • EPSS Score: %0.34
    • Published: Jun. 09, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-10977

    GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects.... Read more

    Affected Products : gitlab
    • EPSS Score: %7.39
    • Published: Apr. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-10763

    An information-disclosure flaw was found in the way Heketi before 10.1.0 logs sensitive information. This flaw allows an attacker with local access to the Heketi server to read potentially sensitive information such as gluster-block passwords.... Read more

    • EPSS Score: %0.13
    • Published: Nov. 24, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-13855

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intend... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • EPSS Score: %6.25
    • Published: Dec. 25, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-13836

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.20
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291751 Results