Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2017-6418

    libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.... Read more

    Affected Products : clamav
    • EPSS Score: %0.56
    • Published: Aug. 07, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2018-4868

    The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file.... Read more

    Affected Products : exiv2
    • EPSS Score: %0.38
    • Published: Jan. 03, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-38857

    Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c.... Read more

    Affected Products : faad2
    • EPSS Score: %0.50
    • Published: Aug. 15, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-4863

    Sophos Endpoint Protection 10.7 allows local users to bypass an intended tamper protection mechanism by deleting the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Sophos Endpoint Defense\ registry key.... Read more

    Affected Products : endpoint_protection
    • EPSS Score: %0.04
    • Published: Apr. 05, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-5956

    The vrend_draw_vbo function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors involving vertext_buffer_index.... Read more

    Affected Products : virglrenderer
    • EPSS Score: %0.08
    • Published: Mar. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2018-4400

    A validation issue was addressed with improved logic. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, watchOS 5.1.... Read more

    Affected Products : mac_os_x iphone_os watchos
    • EPSS Score: %0.20
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-4395

    This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • EPSS Score: %0.07
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-4396

    A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.20
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-4390

    An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously ... Read more

    Affected Products : macos mac_os_x iphone_os watchos
    • EPSS Score: %0.23
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-4379

    A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.0.1.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.06
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-4381

    A resource exhaustion issue was addressed with improved input validation. This issue is fixed in tvOS 12.1, iOS 12.1. Processing a maliciously crafted message may lead to a denial of service.... Read more

    Affected Products : iphone_os tvos
    • EPSS Score: %0.14
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-4365

    An out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to iOS 12.1.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.16
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-4403

    This issue was addressed by removing additional entitlements. This issue affected versions prior to macOS Mojave 10.14.1.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.23
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-4342

    A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS Mojave 10.14.1.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.06
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-5498

    libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.... Read more

    Affected Products : jasper
    • EPSS Score: %0.21
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2018-4355

    A configuration issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14.... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %0.20
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-4346

    A validation issue existed which allowed local file access. This was addressed with input sanitization. This issue affected versions prior to macOS Mojave 10.14.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.20
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-4339

    This issue was addressed with a new entitlement. This issue is fixed in iOS 12.1. A local user may be able to read a persistent device identifier.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.05
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-5409

    The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local... Read more

    Affected Products : firefox firefox_esr windows
    • EPSS Score: %0.11
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-4338

    A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %1.24
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292316 Results