Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-28327

    A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause ... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.01
    • Published: Apr. 19, 2023
    • Modified: Mar. 19, 2025

  • 5.5

    MEDIUM
    CVE-2023-26965

    loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.... Read more

    Affected Products : libtiff
    • EPSS Score: %0.01
    • Published: Jun. 14, 2023
    • Modified: Jan. 06, 2025

  • 5.5

    MEDIUM
    CVE-2023-25586

    A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service.... Read more

    Affected Products : binutils
    • EPSS Score: %0.02
    • Published: Sep. 14, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2010-2412

    Unspecified vulnerability in the OLAP component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : database_server
    • EPSS Score: %0.20
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2023-24056

    In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes.... Read more

    Affected Products : pkgconf
    • EPSS Score: %0.04
    • Published: Jan. 22, 2023
    • Modified: Apr. 02, 2025

  • 5.5

    MEDIUM
    CVE-2023-23004

    In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.02
    • Published: Mar. 01, 2023
    • Modified: Mar. 19, 2025

  • 5.5

    MEDIUM
    CVE-2023-22998

    In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.02
    • Published: Feb. 28, 2023
    • Modified: Mar. 19, 2025

  • 5.5

    MEDIUM
    CVE-2023-22490

    Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-l... Read more

    Affected Products : git git
    • EPSS Score: %0.12
    • Published: Feb. 14, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-21880

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr... Read more

    Affected Products : mysql mysql_server
    • EPSS Score: %0.08
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-21877

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr... Read more

    Affected Products : mysql mysql_server
    • EPSS Score: %0.11
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-21872

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protoco... Read more

    Affected Products : mysql mysql_server
    • EPSS Score: %0.18
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-21869

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr... Read more

    Affected Products : mysql mysql_server
    • EPSS Score: %0.08
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2010-1171

    Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, obsolete XML-RPC API, which allows remote authenticated users to access arbitrary files and cause a denial of service (failed yum operations) via vectors related to configuration and package... Read more

    Affected Products : satellite network_satellite
    • EPSS Score: %0.89
    • Published: Apr. 18, 2011
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2023-1076

    A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap devices require CAP_NET_ADMIN, it may not always be the case... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Mar. 27, 2023
    • Modified: Feb. 24, 2025

  • 5.5

    MEDIUM
    CVE-2023-1018

    An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive... Read more

    • EPSS Score: %0.18
    • Published: Feb. 28, 2023
    • Modified: Mar. 07, 2025

  • 5.5

    MEDIUM
    CVE-2010-0852

    Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : database_server
    • EPSS Score: %0.30
    • Published: Apr. 13, 2010
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2023-0469

    A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.02
    • Published: Jan. 26, 2023
    • Modified: Apr. 01, 2025

  • 5.5

    MEDIUM
    CVE-2023-0394

    A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.03
    • Published: Jan. 26, 2023
    • Modified: Mar. 31, 2025

  • 5.5

    MEDIUM
    CVE-2010-0481

    The kernel in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly translate a registry key's virtual path to its real path, which allows local users to cause a denial of service (reboot) via a... Read more

    • EPSS Score: %0.67
    • Published: Apr. 14, 2010
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2010-0206

    xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.... Read more

    Affected Products : debian_linux xpdf
    • EPSS Score: %0.44
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291741 Results