Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-24789

    The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the ... Read more

    Affected Products : go
    • Published: Jun. 05, 2024
    • Modified: Jan. 31, 2025

  • 5.5

    MEDIUM
    CVE-2024-23850

    In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Jan. 23, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-23848

    In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Jan. 23, 2024
    • Modified: May. 30, 2025

  • 5.5

    MEDIUM
    CVE-2024-23231

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6. An app may be able to access user-sen... Read more

    Affected Products : macos iphone_os watchos ipad_os ipados
    • Published: Mar. 08, 2024
    • Modified: Dec. 20, 2024

  • 5.5

    MEDIUM
    CVE-2024-23229

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Monterey 12.7.5, macOS Ventura 13.6.5, macOS Sonoma 14.4. A malicious application may be able to access Find My data.... Read more

    Affected Products : macos
    • Published: May. 14, 2024
    • Modified: Dec. 09, 2024

  • 5.5

    MEDIUM
    CVE-2024-22365

    linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.... Read more

    Affected Products : linux-pam
    • EPSS Score: %0.08
    • Published: Feb. 06, 2024
    • Modified: Jun. 05, 2025

  • 5.5

    MEDIUM
    CVE-2012-2164

    The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to bypass intended access restrictions, and use the Site Administration menu to modify system settings, via a parameter-tampering attac... Read more

    Affected Products : rational_clearquest
    • EPSS Score: %0.15
    • Published: Aug. 17, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2024-0727

    Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A fi... Read more

    Affected Products : openssl
    • EPSS Score: %0.33
    • Published: Jan. 26, 2024
    • Modified: May. 29, 2025

  • 5.5

    MEDIUM
    CVE-2024-0690

    An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue ma... Read more

    • EPSS Score: %0.05
    • Published: Feb. 06, 2024
    • Modified: Jan. 17, 2025

  • 5.5

    MEDIUM
    CVE-2023-6679

    A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. This issue could be exploited to trigger a denial of service.... Read more

    Affected Products : linux_kernel enterprise_linux fedora
    • EPSS Score: %0.01
    • Published: Dec. 11, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-6560

    An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Dec. 09, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-1012

    server/server_stubs.c in the kadmin protocol implementation in MIT Kerberos 5 (aka krb5) 1.10 before 1.10.1 does not properly restrict access to (1) SET_STRING and (2) GET_STRINGS operations, which might allow remote authenticated administrators to modify... Read more

    Affected Products : kerberos_5 kerberos
    • EPSS Score: %0.19
    • Published: Jun. 07, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2012-0842

    surf: cookie jar has read access from other local user... Read more

    Affected Products : debian_linux surf
    • EPSS Score: %0.10
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2012-0810

    The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.05
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52991

    In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer in skb_segment_list Commit 3a1296a38d0c ("net: Support GRO/GSO fraglist chaining.") introduced UDP listifyed GRO. The segmentation relies on frag_list being untouc... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Apr. 15, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2023-42637

    In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • EPSS Score: %0.03
    • Published: Nov. 01, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52918

    In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: check cx23885_vdev_init() return cx23885_vdev_init() can return a NULL pointer, but that pointer is used in the next line without a check. Add a NULL pointer check... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2024
    • Modified: Oct. 24, 2024

  • 5.5

    MEDIUM
    CVE-2023-52912

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed bug on error when unloading amdgpu Fixed bug on error when unloading amdgpu. The error message is as follows: [ 377.706202] kernel BUG at drivers/gpu/drm/drm_buddy.c... Read more

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Sep. 12, 2024

  • 5.5

    MEDIUM
    CVE-2023-52908

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL dereference Fix potential NULL dereference, in the case when "man", the resource manager might be NULL, when/if we print debug information.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Sep. 12, 2024

  • 5.5

    MEDIUM
    CVE-2023-52905

    In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix resource leakage in VF driver unbind resources allocated like mcam entries to support the Ntuple feature and hash tables for the tc feature are not getting freed in dr... Read more

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Sep. 13, 2024
Showing 20 of 291756 Results