Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-26602

    In the Linux kernel, the following vulnerability has been resolved: sched/membarrier: reduce the ability to hammer on sys_membarrier On some systems, sys_membarrier can be very expensive, causing overall slowdowns for everything. So put a lock on the p... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26600

    In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP If the external phy working together with phy-omap-usb2 does not implement send_srp(), we may still attempt to call it. This... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26596

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECH... Read more

    Affected Products : linux_kernel
    • Published: Feb. 23, 2024
    • Modified: Feb. 21, 2025

  • 5.5

    MEDIUM
    CVE-2012-5474

    The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value.... Read more

    Affected Products : fedora debian_linux openstack horizon
    • EPSS Score: %0.07
    • Published: Dec. 30, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26584

    In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBU... Read more

    Affected Products : linux_kernel
    • Published: Feb. 21, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26308

    Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26. Users are recommended to upgrade to version 1.26, which fixes the issue.... Read more

    Affected Products : commons_compress commons-compress
    • Published: Feb. 19, 2024
    • Modified: Mar. 27, 2025

  • 5.5

    MEDIUM
    CVE-2024-24789

    The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the ... Read more

    Affected Products : go
    • Published: Jun. 05, 2024
    • Modified: Jan. 31, 2025

  • 5.5

    MEDIUM
    CVE-2024-23850

    In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Jan. 23, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-23848

    In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Jan. 23, 2024
    • Modified: May. 30, 2025

  • 5.5

    MEDIUM
    CVE-2024-23231

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6. An app may be able to access user-sen... Read more

    Affected Products : macos iphone_os watchos ipad_os ipados
    • Published: Mar. 08, 2024
    • Modified: Dec. 20, 2024

  • 5.5

    MEDIUM
    CVE-2024-23229

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Monterey 12.7.5, macOS Ventura 13.6.5, macOS Sonoma 14.4. A malicious application may be able to access Find My data.... Read more

    Affected Products : macos
    • Published: May. 14, 2024
    • Modified: Dec. 09, 2024

  • 5.5

    MEDIUM
    CVE-2024-22365

    linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.... Read more

    Affected Products : linux-pam
    • EPSS Score: %0.08
    • Published: Feb. 06, 2024
    • Modified: Jun. 05, 2025

  • 5.5

    MEDIUM
    CVE-2012-2164

    The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to bypass intended access restrictions, and use the Site Administration menu to modify system settings, via a parameter-tampering attac... Read more

    Affected Products : rational_clearquest
    • EPSS Score: %0.15
    • Published: Aug. 17, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2024-0727

    Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A fi... Read more

    Affected Products : openssl
    • EPSS Score: %0.33
    • Published: Jan. 26, 2024
    • Modified: May. 29, 2025

  • 5.5

    MEDIUM
    CVE-2024-0690

    An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue ma... Read more

    • EPSS Score: %0.05
    • Published: Feb. 06, 2024
    • Modified: Jan. 17, 2025

  • 5.5

    MEDIUM
    CVE-2023-6679

    A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. This issue could be exploited to trigger a denial of service.... Read more

    Affected Products : linux_kernel enterprise_linux fedora
    • EPSS Score: %0.01
    • Published: Dec. 11, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-6560

    An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Dec. 09, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-1012

    server/server_stubs.c in the kadmin protocol implementation in MIT Kerberos 5 (aka krb5) 1.10 before 1.10.1 does not properly restrict access to (1) SET_STRING and (2) GET_STRINGS operations, which might allow remote authenticated administrators to modify... Read more

    Affected Products : kerberos_5 kerberos
    • EPSS Score: %0.19
    • Published: Jun. 07, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2012-0842

    surf: cookie jar has read access from other local user... Read more

    Affected Products : debian_linux surf
    • EPSS Score: %0.10
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-0810

    The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.05
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291736 Results