Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-56629

    In the Linux kernel, the following vulnerability has been resolved: HID: wacom: fix when get product name maybe null pointer Due to incorrect dev->product reporting by certain devices, null pointer dereferences occur when dev->product is empty, leading ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 15, 2025

  • 5.5

    MEDIUM
    CVE-2024-56618

    In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx: gpcv2: Adjust delay after power up handshake The udelay(5) is not enough, sometimes below kernel panic still be triggered: [ 4.012973] Kernel panic - not syncing: Asy... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 16, 2025

  • 5.5

    MEDIUM
    CVE-2016-9820

    libavcodec/mpegvideo_motion.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.... Read more

    Affected Products : libav
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-9819

    libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.... Read more

    Affected Products : libav
    • Published: Mar. 01, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-8697

    The bm_new function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted BMP image.... Read more

    Affected Products : potrace
    • Published: Jan. 31, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-8695

    The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8696.... Read more

    Affected Products : potrace potrace
    • Published: Jan. 31, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2018-20905

    cPanel before 71.9980.37 allows attackers to make API calls that bypass the backup feature restriction (SEC-429).... Read more

    Affected Products : cpanel
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-7628

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Assets" component, which allows local users to bypass intended permission restrictions and change a downloaded mobile asset via unspecified vector... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2018-20908

    cPanel before 71.9980.37 allows arbitrary file-read operations during pkgacct custom template handling (SEC-435).... Read more

    Affected Products : cpanel
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-20891

    cPanel before 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436).... Read more

    Affected Products : cpanel
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-7605

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2018-20888

    cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication (SEC-424).... Read more

    Affected Products : cpanel
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-7258

    The kernel in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 mishandles page-fault system calls, which allows local users to obtain sensitive information from arbitrary processes via a crafted application, aka "Windows Kernel Memory Add... Read more

    Affected Products : windows_10 windows_server_2016
    • Published: Dec. 20, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-7244

    Microsoft Office 2007 SP3 allows remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability."... Read more

    Affected Products : office
    • Published: Nov. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-7216

    The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandles permissions, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability."... Read more

    • Published: Nov. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2018-20788

    drivers/leds/leds-aw2023.c in the led driver for custom Linux kernels on the Xiaomi Redmi 6pro daisy-o-oss phone has several integer overflows because of a left-shifting operation when the right-hand operand can be equal to or greater than the integer len... Read more

    Affected Products : xiaomi_perseus-p-oss
    • Published: Feb. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-20956

    Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. NOTE: all affected customers were migrated by 2020-08-31.... Read more

    • Published: Aug. 08, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-7122

    The avi_read_nikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that has a crafted 'nctg' structure.... Read more

    Affected Products : ffmpeg
    • Published: Dec. 23, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-7118

    fs/fcntl.c in the "aufs 3.2.x+setfl-debian" patch in the linux-image package 3.2.0-4 (kernel 3.2.81-1) in Debian wheezy mishandles F_SETFL fcntl calls on directories, which allows local users to cause a denial of service (NULL pointer dereference and syst... Read more

    Affected Products : debian_linux
    • Published: Aug. 31, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2024-53202

    In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix possible resource leak in fw_log_firmware_info() The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitiga... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 14, 2025
Showing 20 of 292860 Results