Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-23297

    The issue was addressed with improved checks. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4. A malicious application may be able to access private information.... Read more

    Affected Products : iphone_os tvos watchos ipad_os ipados
    • Published: Mar. 08, 2024
    • Modified: Dec. 09, 2024

  • 5.5

    MEDIUM
    CVE-2024-23279

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • Published: Mar. 08, 2024
    • Modified: Dec. 07, 2024

  • 5.5

    MEDIUM
    CVE-2023-36728

    Microsoft SQL Server Denial of Service Vulnerability... Read more

    • EPSS Score: %0.08
    • Published: Oct. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-36713

    Windows Common Log File System Driver Information Disclosure Vulnerability... Read more

    • EPSS Score: %2.08
    • Published: Oct. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-20946

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris execut... Read more

    Affected Products : solaris solaris
    • EPSS Score: %0.04
    • Published: Jan. 16, 2024
    • Modified: Nov. 27, 2024

  • 5.5

    MEDIUM
    CVE-2024-20763

    Animate versions 24.0, 23.0.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue r... Read more

    Affected Products : macos windows animate
    • Published: Mar. 18, 2024
    • Modified: Dec. 04, 2024

  • 5.5

    MEDIUM
    CVE-2023-36629

    The ST ST54-android-packages-apps-Nfc package before 130-20230215-23W07p0 for Android has an out-of-bounds read.... Read more

    Affected Products : st54-android-packages-apps-nfc
    • EPSS Score: %0.04
    • Published: Jan. 09, 2024
    • Modified: Jun. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-20724

    Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this ... Read more

    Affected Products : substance_3d_painter
    • EPSS Score: %0.03
    • Published: Feb. 15, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-20714

    Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of t... Read more

    Affected Products : macos windows substance_3d_stager
    • EPSS Score: %0.04
    • Published: Jan. 10, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-1778

    An out-of-bounds read issue existed in the curl. This issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iP... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • EPSS Score: %0.31
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-20334

    A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due t... Read more

    Affected Products : telepresence_management_suite
    • Published: Apr. 03, 2024
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2021-1740

    A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A local user may be able to mod... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • EPSS Score: %0.07
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-36490

    Improper initialization in some Intel(R) MAS software before version 2.3 may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products : memory_and_storage_tool
    • EPSS Score: %0.03
    • Published: Feb. 14, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-1141

    A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level is enabled.... Read more

    Affected Products : glance-store
    • EPSS Score: %0.03
    • Published: Feb. 01, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-1683

    Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a sof... Read more

    • EPSS Score: %3.17
    • Published: Jan. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-0443

    A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is only called at css_release_work_fn(), which is called whe... Read more

    Affected Products : linux_kernel enterprise_linux fedora
    • EPSS Score: %0.01
    • Published: Jan. 12, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-0094

    NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where an untrusted guest VM can cause improper control of the interaction frequency in the host. A successful exploit of this vulnerability might lead to denial of service... Read more

    Affected Products :
    • Published: Jun. 13, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-6795

    An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.... Read more

    Affected Products : pan-os prisma_access
    • EPSS Score: %0.09
    • Published: Dec. 13, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-5595

    Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV.... Read more

    Affected Products : gpac
    • EPSS Score: %0.07
    • Published: Oct. 16, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-53013

    In the Linux kernel, the following vulnerability has been resolved: ptdma: pt_core_execute_cmd() should use spinlock The interrupt handler (pt_core_irq_handler()) of the ptdma driver can be called from interrupt context. The code flow in this function c... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Apr. 14, 2025
    • Vuln Type: Race Condition
Showing 20 of 292318 Results