Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-32076

    in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification... Read more

    Affected Products : in-toto
    • Published: May. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-32039

    Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability... Read more

    • Published: Jul. 11, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-37686

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the strided slice implementation in TFLite has a logic bug which can allow an attacker to trigger an infinite loop. This arises from newly introduced support for [... Read more

    Affected Products : tensorflow
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-37684

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementations of pooling in TFLite are vulnerable to division by 0 errors as there are no checks for divisors not being 0. We have patched the issue in GitHu... Read more

    Affected Products : tensorflow
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-37680

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of fully connected layers in TFLite is [vulnerable to a division by zero error](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb... Read more

    Affected Products : tensorflow
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-37677

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for `tf.raw_ops.Dequantize` has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid argu... Read more

    Affected Products : tensorflow
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-37674

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a denial of service via a segmentation fault in `tf.raw_ops.MaxPoolGrad` caused by missing validation. The [implementation](https://github.... Read more

    Affected Products : tensorflow
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-37672

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to `tf.raw_ops.SdcaOptimizerV2`. The [implementat... Read more

    Affected Products : tensorflow
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-37668

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause denial of service in applications serving models using `tf.raw_ops.UnravelIndex` by triggering a division by 0. The [implementation](https://... Read more

    Affected Products : tensorflow
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-37660

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a floating point exception by calling inplace operations with crafted arguments that would result in a division by 0. The [implementation](ht... Read more

    Affected Products : tensorflow
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-37644

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions providing a negative element to `num_elements` list argument of `tf.raw_ops.TensorListReserve` causes the runtime to abort the process due to reallocating a `std::... Read more

    Affected Products : tensorflow
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-32040

    Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability... Read more

    • Published: Jul. 11, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-37231

    A stack-buffer-overflow occurs in Atomicparsley 20210124.204813.840499f through APar_readX() in src/util.cpp while parsing a crafted mp4 file because of the missing boundary check.... Read more

    Affected Products : atomicparsley
    • Published: Aug. 04, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-32016

    Windows Installer Information Disclosure Vulnerability... Read more

    • Published: Jun. 14, 2023
    • Modified: Apr. 08, 2025

  • 5.5

    MEDIUM
    CVE-2021-36008

    Adobe Illustrator version 25.2.3 (and earlier) is affected by an Use-after-free vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to read arbitrary file system information in the context of ... Read more

    Affected Products : windows illustrator
    • Published: Aug. 20, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-3569

    A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS (bad memory access) and termination of swtpm. The highest threat from this vulnerability is to system... Read more

    Affected Products : enterprise_linux libtpms
    • Published: Jun. 03, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-32041

    Windows Update Orchestrator Service Information Disclosure Vulnerability... Read more

    • Published: Jul. 11, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-31918

    Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c.... Read more

    Affected Products : jerryscript
    • Published: May. 12, 2023
    • Modified: Jan. 24, 2025

  • 5.5

    MEDIUM
    CVE-2023-31919

    Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jcontext/jcontext.c.... Read more

    Affected Products : jerryscript
    • Published: May. 12, 2023
    • Modified: Jan. 24, 2025

  • 5.5

    MEDIUM
    CVE-2018-3185

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mu... Read more

    • Published: Oct. 17, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 292823 Results