Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 5.5

    MEDIUM
    CVE-2011-0528

    Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote authenticated Puppet nodes to read or modify the resources of other nodes via unspecified vectors....

    Affected Products : puppet
    • EPSS Score: %0.26
    • Published: Feb. 17, 2014
    • Modified: Apr. 11, 2025
  • 5.5

    MEDIUM
    CVE-2023-39130

    GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c....

    Affected Products : gdb
    • EPSS Score: %0.02
    • Published: Jul. 25, 2023
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2023-39128

    GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c....

    Affected Products : gdb
    • EPSS Score: %0.02
    • Published: Jul. 25, 2023
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2023-38409

    An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_display arrays can be desynchronized in fbcon_mode_delet...

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Jul. 17, 2023
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2023-3772

    A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible ker...

    • EPSS Score: %0.01
    • Published: Jul. 25, 2023
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2023-35789

    An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process an...

    Affected Products : rabbitmq-c
    • EPSS Score: %0.02
    • Published: Jun. 16, 2023
    • Modified: Mar. 30, 2025
  • 5.5

    MEDIUM
    CVE-2023-30086

    Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c....

    Affected Products : libtiff
    • EPSS Score: %0.06
    • Published: May. 09, 2023
    • Modified: Jan. 29, 2025
  • 5.5

    MEDIUM
    CVE-2010-3092

    The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 does not properly support case-insensitive filename handling in a database configuration, which allows remote authenticated users to bypass the intended restrictions on downloading a file by ...

    Affected Products : drupal
    • EPSS Score: %0.20
    • Published: Sep. 21, 2010
    • Modified: Apr. 11, 2025
  • 5.5

    MEDIUM
    CVE-2023-28328

    A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the s...

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.01
    • Published: Apr. 19, 2023
    • Modified: Mar. 19, 2025
  • 5.5

    MEDIUM
    CVE-2023-28327

    A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause ...

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.01
    • Published: Apr. 19, 2023
    • Modified: Mar. 19, 2025
  • 5.5

    MEDIUM
    CVE-2023-26965

    loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image....

    Affected Products : libtiff
    • EPSS Score: %0.01
    • Published: Jun. 14, 2023
    • Modified: Jan. 06, 2025
  • 5.5

    MEDIUM
    CVE-2023-25586

    A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service....

    Affected Products : binutils
    • EPSS Score: %0.02
    • Published: Sep. 14, 2023
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2010-2412

    Unspecified vulnerability in the OLAP component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors....

    Affected Products : database_server
    • EPSS Score: %0.20
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025
  • 5.5

    MEDIUM
    CVE-2023-24056

    In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes....

    Affected Products : pkgconf
    • EPSS Score: %0.04
    • Published: Jan. 22, 2023
    • Modified: Apr. 02, 2025
  • 5.5

    MEDIUM
    CVE-2023-23004

    In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer)....

    Affected Products : linux_kernel
    • EPSS Score: %0.02
    • Published: Mar. 01, 2023
    • Modified: Mar. 19, 2025
  • 5.5

    MEDIUM
    CVE-2023-22998

    In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer)....

    Affected Products : linux_kernel
    • EPSS Score: %0.02
    • Published: Feb. 28, 2023
    • Modified: Mar. 19, 2025
  • 5.5

    MEDIUM
    CVE-2023-22490

    Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-l...

    Affected Products : git git
    • EPSS Score: %0.12
    • Published: Feb. 14, 2023
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2023-21880

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr...

    Affected Products : mysql mysql_server
    • EPSS Score: %0.08
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2023-21877

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr...

    Affected Products : mysql mysql_server
    • EPSS Score: %0.11
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2023-21872

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protoco...

    Affected Products : mysql mysql_server
    • EPSS Score: %0.18
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 291717 Results