Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2008-1816

    Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 have unknown impact and remote authenticated attack vectors related to (1) SDO_UTIL in the Oracle Spatial component, aka DB05; or (2) fine grained auditing in the Audit componen... Read more

    Affected Products : database_server
    • EPSS Score: %0.57
    • Published: Apr. 16, 2008
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2008-1815

    Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to DBMS_CDC_UTILITY, aka DB02. NOTE: the previous information was obtain... Read more

    • EPSS Score: %0.46
    • Published: Apr. 16, 2008
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2022-46692

    A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web... Read more

    • EPSS Score: %0.01
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2022-4662

    A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Dec. 22, 2022
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2022-4415

    A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.... Read more

    Affected Products : systemd
    • EPSS Score: %0.03
    • Published: Jan. 11, 2023
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2021-39343

    The MPL-Publisher WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/libs/PublisherController.php file which allowed attackers with administrative user ... Read more

    Affected Products : mpl-publisher mpl-publisher
    • EPSS Score: %0.57
    • Published: Oct. 19, 2021
    • Modified: Apr. 25, 2025

  • 5.5

    MEDIUM
    CVE-2022-4285

    An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.... Read more

    Affected Products : enterprise_linux fedora binutils
    • EPSS Score: %0.03
    • Published: Jan. 27, 2023
    • Modified: Mar. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-33220

    Information disclosure in Automotive multimedia due to buffer over-read.... Read more

    • EPSS Score: %0.02
    • Published: Sep. 05, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-40768

    drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.... Read more

    Affected Products : linux_kernel fedora debian_linux
    • EPSS Score: %0.02
    • Published: Sep. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-40755

    JasPer 3.0.6 allows denial of service via a reachable assertion in the function inttobits in libjasper/base/jas_image.c.... Read more

    Affected Products : jasper
    • EPSS Score: %0.04
    • Published: Sep. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-38533

    In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.... Read more

    Affected Products : fedora binutils
    • EPSS Score: %0.02
    • Published: Aug. 26, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-36879

    An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.... Read more

    • EPSS Score: %0.04
    • Published: Jul. 27, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2023-1644

    A vulnerability was found in IObit Malware Fighter 9.4.0.776 and classified as problematic. Affected by this issue is the function 0x8018E010 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to denial of service. ... Read more

    Affected Products : malware_fighter
    • EPSS Score: %0.03
    • Published: Mar. 26, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-0115

    Insufficient input validation in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products : graphics_driver
    • EPSS Score: %0.12
    • Published: May. 17, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-3560

    A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' grou... Read more

    Affected Products : enterprise_linux fedora pesign
    • EPSS Score: %0.02
    • Published: Feb. 02, 2023
    • Modified: Mar. 26, 2025

  • 5.5

    MEDIUM
    CVE-2022-35205

    An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service.... Read more

    Affected Products : binutils
    • EPSS Score: %0.01
    • Published: Aug. 22, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-35019

    Advancecomp v2.3 was discovered to contain a segmentation fault.... Read more

    Affected Products : fedora advancecomp
    • EPSS Score: %0.02
    • Published: Aug. 29, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-35014

    Advancecomp v2.3 contains a segmentation fault.... Read more

    Affected Products : fedora advancecomp
    • EPSS Score: %0.02
    • Published: Aug. 29, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-39349

    The Author Bio Box WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/includes/admin/class-author-bio-box-admin.php file which allowed attackers with ad... Read more

    Affected Products : author_bio_box
    • EPSS Score: %0.91
    • Published: Oct. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-3114

    An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Dec. 14, 2022
    • Modified: Apr. 22, 2025
Showing 20 of 291672 Results