Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2021-39349

    The Author Bio Box WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/includes/admin/class-author-bio-box-admin.php file which allowed attackers with ad... Read more

    Affected Products : author_bio_box
    • EPSS Score: %0.91
    • Published: Oct. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-3114

    An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Dec. 14, 2022
    • Modified: Apr. 22, 2025

  • 5.5

    MEDIUM
    CVE-2022-3112

    An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.02
    • Published: Dec. 14, 2022
    • Modified: Apr. 22, 2025

  • 5.5

    MEDIUM
    CVE-2022-3108

    An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.02
    • Published: Dec. 14, 2022
    • Modified: Apr. 22, 2025

  • 5.5

    MEDIUM
    CVE-2022-26373

    Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.... Read more

    • EPSS Score: %0.28
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2022-21151

    Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    • EPSS Score: %0.04
    • Published: May. 12, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2022-3061

    Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error.... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.03
    • Published: Sep. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-29654

    Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file.... Read more

    Affected Products : netwide_assembler
    • EPSS Score: %0.03
    • Published: Aug. 22, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-2953

    LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8.... Read more

    • EPSS Score: %0.01
    • Published: Aug. 29, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-29107

    Microsoft Office Security Feature Bypass Vulnerability... Read more

    • EPSS Score: %4.13
    • Published: May. 10, 2022
    • Modified: Jan. 02, 2025

  • 5.5

    MEDIUM
    CVE-2017-18238

    An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.... Read more

    Affected Products : debian_linux exempi
    • EPSS Score: %0.52
    • Published: Mar. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-28506

    There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.... Read more

    Affected Products : fedora giflib
    • EPSS Score: %0.06
    • Published: Apr. 25, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-28389

    mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.... Read more

    • EPSS Score: %0.02
    • Published: Apr. 03, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2006-7213

    Firebird 1.5 allows remote authenticated users without SYSDBA and owner permissions to overwrite a database by creating a database.... Read more

    Affected Products : firebird firebird
    • EPSS Score: %0.16
    • Published: Jun. 29, 2007
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2017-0690

    A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36592202.... Read more

    Affected Products : android
    • EPSS Score: %0.05
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-2476

    A null pointer dereference bug was found in wavpack-5.4.0 The results from the ASAN log: AddressSanitizer:DEADLYSIGNAL ===================================================================84257==ERROR: AddressSanitizer: SEGV on unknown address 0x00000000000... Read more

    Affected Products : fedora wavpack
    • EPSS Score: %0.03
    • Published: Jul. 19, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-24462

    Microsoft Word Security Feature Bypass Vulnerability... Read more

    • EPSS Score: %0.78
    • Published: Mar. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-21367

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Compiling). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access ... Read more

    • EPSS Score: %0.15
    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2006-2917

    Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directori... Read more

    Affected Products : wingate
    • EPSS Score: %1.72
    • Published: Jul. 10, 2006
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2022-21528

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol... Read more

    • EPSS Score: %0.15
    • Published: Jul. 19, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 291739 Results