Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

5.5

MEDIUM

CVE-2018-8477

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Wi...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows windows_server_2012_r2
Published: Dec. 12, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-1163

A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file's signature. To exploit the vulnerability, a...

Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_1507 windows_10_1803 windows_server_1803 windows_server_1903
Published: Aug. 14, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-1158

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There a...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +7 more products
Published: Aug. 14, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2023-40399

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to disclose kernel memory....

Affected Products : macos iphone_os tvos watchos ipados
Published: Sep. 27, 2023

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2018-8486

An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows windows_server_2012_r2
Published: Oct. 10, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2023-40391

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14, Xcode 15. An app may be able to disclose kernel memory....

Affected Products : macos iphone_os tvos xcode ipados
Published: Sep. 27, 2023

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2023-40389

The issue was addressed with improved restriction of data container access. This issue is fixed in macOS Ventura 13.6.5, macOS Monterey 12.7.4. An app may be able to access sensitive user data....

Affected Products : macos
Published: Jun. 10, 2024

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2018-5295

In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file....

Affected Products : podofo
Published: Jan. 08, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2023-40433

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may bypass Gatekeeper checks....

Affected Products : macos
Published: Jan. 10, 2024

Modified: Jun. 03, 2025
5.5

MEDIUM

CVE-2018-8442

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Wi...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows windows_server_2012_r2
Published: Sep. 13, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2018-8443

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Wi...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows windows_server_2012_r2
Published: Sep. 13, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2018-8429

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel....

Affected Products : office excel_viewer excel office_compatibility_pack office_for_mac
Published: Sep. 13, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-1093

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1097....

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products
Published: Jul. 15, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-1091

An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory, aka 'Microsoft unistore.dll Information Disclosure Vulnerability'....

Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_server windows windows_11_23h2
Published: Jul. 15, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2018-8419

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server windows windows_server_2012_r2
Published: Sep. 13, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2018-8408

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows windows_server_2012_r2
Published: Nov. 14, 2018

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-1010301

jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo(). The attack vector is: Open a specially crafted JPEG file....

Affected Products : fedora debian_linux jhead
Published: Jul. 15, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2023-40216

OpenBSD 7.3 before errata 014 is missing an argument-count bounds check in console terminal emulation. This could cause incorrect memory access and a kernel crash after receiving crafted DCS or CSI terminal escape sequences....

Affected Products : openbsd openbsd
Published: Aug. 10, 2023

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2019-10018

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case....

Affected Products : ubuntu_linux debian_linux xpdf
Published: Mar. 25, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2023-40360

QEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data Placement is enabled....

Affected Products : qemu
Published: Aug. 14, 2023

Modified: Nov. 21, 2024

Showing 20 of 292815 Results

Browse by Apps

Latest CVE Feed

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable