Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-26160

    Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability... Read more

    • Published: Mar. 12, 2024
    • Modified: Dec. 27, 2024

  • 5.5

    MEDIUM
    CVE-2019-15369

    The Lava Z61 Turbo Android device with a build fingerprint of LAVA/Z61_Turbo/Z61_Turbo:8.1.0/O11019/1536917928:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows ... Read more

    Affected Products : z61_turbo_firmware z61_turbo
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-15368

    The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allow... Read more

    Affected Products : mega_5_firmware mega_5
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-23770

    darkhttpd through 1.15 allows local users to discover credentials (for --auth) by listing processes and their arguments.... Read more

    Affected Products : darkhttpd
    • Published: Jan. 22, 2024
    • Modified: May. 30, 2025

  • 5.5

    MEDIUM
    CVE-2024-23224

    The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.3, macOS Ventura 13.6.4. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Jan. 23, 2024
    • Modified: Jun. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-22368

    The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on merged cells.... Read more

    Affected Products : spreadsheet\
    • Published: Jan. 09, 2024
    • Modified: Jun. 03, 2025

  • 5.5

    MEDIUM
    CVE-2019-15363

    The Leagoo Power 5 Android device with a build fingerprint of LEAGOO/Power_5/Power_5:8.1.0/O11019/1532686195:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows an... Read more

    Affected Products : power_5_firmware power_5
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-15353

    The Coolpad N3C Android device with a build fingerprint of Coolpad/N3C/N3C:8.1.0/O11019/1538236809:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-l... Read more

    Affected Products : n3c_firmware n3c
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-27409

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the HDMA controller reg... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2024-20737

    After Effects versions 24.1, 23.6.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this i... Read more

    Affected Products : macos windows after_effects
    • Published: Apr. 10, 2024
    • Modified: Dec. 05, 2024

  • 5.5

    MEDIUM
    CVE-2024-27406

    In the Linux kernel, the following vulnerability has been resolved: lib/Kconfig.debug: TEST_IOV_ITER depends on MMU Trying to run the iov_iter unit test on a nommu system such as the qemu kc705-nommu emulation results in a crash. KTAP version 1 ... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2024-20734

    Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation... Read more

    • Published: Feb. 15, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-20694

    Windows CoreMessaging Information Disclosure Vulnerability... Read more

    • Published: Jan. 09, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-1816

    An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows for an attacker to cause a denial of service using a crafted OpenA... Read more

    Affected Products : gitlab
    • Published: Jun. 27, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52658

    In the Linux kernel, the following vulnerability has been resolved: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" This reverts commit 662404b24a4c4d839839ed25e3097571f5938b9b. The revert is required due to the suspicion it is no... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2024-0911

    A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted file to trigger a heap-based buffer overflow, causing the application to crash.... Read more

    Affected Products : indent
    • Published: Feb. 06, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-0684

    A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.... Read more

    Affected Products : coreutils
    • Published: Feb. 06, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52657

    In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/pm: resolve reboot exception for si oland" This reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This causes hangs on SI when DC is enabled and errors on driver... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2019-15359

    The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-loc... Read more

    Affected Products : a6_firmware a6
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-15360

    The Hisense U965 Android device with a build fingerprint of Hisense/U965_4G_10/HS6739MT:8.1.0/O11019/Hisense_U965_4G_10_S01:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0)... Read more

    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 294799 Results