Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2021-28275

    A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the Get16u function in exif.c in will cause segmentation fault via a crafted_file.... Read more

    Affected Products : jhead
    • EPSS Score: %0.07
    • Published: Mar. 23, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-30678

    Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file.... Read more

    Affected Products : android calendar
    • EPSS Score: %0.12
    • Published: Jul. 06, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-30904

    A security vulnerability in HPE Insight Remote Support may result in the local disclosure of privileged LDAP information.... Read more

    Affected Products : insight_remote_support
    • EPSS Score: %0.04
    • Published: Jun. 16, 2023
    • Modified: Dec. 17, 2024

  • 5.5

    MEDIUM
    CVE-2021-26333

    An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential d... Read more

    Affected Products : chipset_driver psp_driver
    • EPSS Score: %0.19
    • Published: Sep. 21, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-4470

    The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted ke... Read more

    • EPSS Score: %0.06
    • Published: Jun. 27, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2023-30408

    Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component build/bin/jerry.... Read more

    Affected Products : jerryscript
    • EPSS Score: %0.05
    • Published: Apr. 24, 2023
    • Modified: Feb. 05, 2025

  • 5.5

    MEDIUM
    CVE-2023-30300

    An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop.... Read more

    Affected Products : webassembly
    • EPSS Score: %0.02
    • Published: May. 03, 2023
    • Modified: Jan. 30, 2025

  • 5.5

    MEDIUM
    CVE-2023-30207

    A divide by zero issue discovered in Kodi Home Theater Software 19.5 and earlier allows attackers to cause a denial of service via use of crafted mp3 file.... Read more

    Affected Products : kodi
    • EPSS Score: %0.02
    • Published: Jul. 05, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-30086

    Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c.... Read more

    Affected Products : libtiff
    • EPSS Score: %0.06
    • Published: May. 09, 2023
    • Modified: Jan. 29, 2025

  • 5.5

    MEDIUM
    CVE-2019-2824

    Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged ... Read more

    Affected Products : weblogic_server
    • EPSS Score: %0.52
    • Published: Jul. 23, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-21997

    VMware Tools for Windows (11.x.y prior to 11.3.0) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest operating system, where VMware Tools is installed, can trigger a PANIC in ... Read more

    Affected Products : tools windows
    • EPSS Score: %0.04
    • Published: Jun. 18, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-2985

    A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Jun. 01, 2023
    • Modified: Mar. 11, 2025

  • 5.5

    MEDIUM
    CVE-2023-30083

    Buffer Overflow vulnerability found in Libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the newVar_N in util/decompile.c.... Read more

    Affected Products : libming
    • EPSS Score: %0.04
    • Published: May. 09, 2023
    • Modified: Jan. 28, 2025

  • 5.5

    MEDIUM
    CVE-2021-21612

    Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.... Read more

    Affected Products : tracetronic_ecu-test
    • EPSS Score: %0.03
    • Published: Jan. 13, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-2872

    A vulnerability classified as problematic has been found in FlexiHub 5.5.14691.0. This affects the function 0x220088 in the library fusbhub.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. An attack has to be... Read more

    Affected Products : flexihub
    • EPSS Score: %0.03
    • Published: May. 24, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-2731

    A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF fo... Read more

    Affected Products : enterprise_linux fedora libtiff
    • EPSS Score: %0.01
    • Published: May. 17, 2023
    • Modified: Jan. 22, 2025

  • 5.5

    MEDIUM
    CVE-2023-2700

    A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cle... Read more

    Affected Products : enterprise_linux fedora libvirt
    • EPSS Score: %0.03
    • Published: May. 15, 2023
    • Modified: Jan. 28, 2025

  • 5.5

    MEDIUM
    CVE-2021-1822

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A local user may be able to modify protected parts of the file system.... Read more

    Affected Products : iphone_os tvos watchos ipados
    • EPSS Score: %0.06
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-1800

    A path handling issue was addressed with improved validation. This issue is fixed in Xcode 12.4. A malicious application may be able to access arbitrary files on the host device while running an app that uses on-demand resources with Xcode.... Read more

    Affected Products : xcode
    • EPSS Score: %0.20
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-1258

    A vulnerability in the upgrade component of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker with low privileges to read arbitrary files on the underlying operating system (OS) of an affected device. The vulnerability i... Read more

    • EPSS Score: %0.04
    • Published: Jan. 13, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292495 Results