Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2019-0561

    An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information Disclosure Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office, Word.... Read more

    • Published: Jan. 08, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52889

    In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets with secmark set while an ICMP raw socket is being creat... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 5.5

    MEDIUM
    CVE-2023-52850

    In the Linux kernel, the following vulnerability has been resolved: media: hantro: Check whether reset op is defined before use The i.MX8MM/N/P does not define the .reset op since reset of the VPU is done by genpd. Check whether the .reset op is defined... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Dec. 30, 2024

  • 5.5

    MEDIUM
    CVE-2020-27898

    A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1. An attacker may be able to bypass Managed Frame Protection.... Read more

    Affected Products : macos
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-48350

    In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 18, 2024
    • Modified: Jun. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-48349

    In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 18, 2024
    • Modified: Jun. 20, 2025

  • 5.5

    MEDIUM
    CVE-2020-24890

    libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way... Read more

    Affected Products : libraw
    • Published: Sep. 16, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52663

    In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: amd: Fix memory leak in amd_sof_acp_probe() Driver uses kasprintf() to initialize fw_{code,data}_bin members of struct acp_dev_data, but kfree() is never called to deallocate... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Jan. 07, 2025

  • 5.5

    MEDIUM
    CVE-2020-17036

    Windows Function Discovery SSDP Provider Information Disclosure Vulnerability... Read more

    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-17030

    Windows MSCTF Server Information Disclosure Vulnerability... Read more

    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-37386

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ma... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Mar. 29, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-16879

    <p>An information disclosure vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system</p> <p>T... Read more

    • Published: Sep. 11, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-16269

    radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parse_typedef in type_dwarf.c via a malformed DW_AT_name in the .debug_info section.... Read more

    Affected Products : fedora radare2
    • Published: Aug. 03, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-1599

    Windows Spoofing Vulnerability... Read more

    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-37379

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ma... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Mar. 29, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-1502

    An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerabili... Read more

    • Published: Aug. 17, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-14892

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where... Read more

    Affected Products : vm_virtualbox
    • Published: Oct. 21, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-1391

    An information disclosure vulnerability exists when the Windows Agent Activation Runtime (AarSvc) fails to properly handle objects in memory, aka 'Windows Agent Activation Runtime Information Disclosure Vulnerability'.... Read more

    Affected Products : windows_10 windows_server_2016
    • Published: Jul. 14, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-1351

    An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.... Read more

    • Published: Jul. 14, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-47561

    A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version... Read more

    Affected Products : photo_station
    • Published: Feb. 02, 2024
    • Modified: Nov. 21, 2024
Showing 20 of 292811 Results