Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2018-11508

    The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex.... Read more

    Affected Products : linux_kernel ubuntu_linux
    • EPSS Score: %1.54
    • Published: May. 28, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-11504

    The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.... Read more

    Affected Products : debian_linux discount
    • EPSS Score: %0.24
    • Published: May. 26, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-11503

    The isfootnote function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.... Read more

    Affected Products : debian_linux discount
    • EPSS Score: %0.52
    • Published: May. 26, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-11468

    The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.... Read more

    Affected Products : debian_linux discount
    • EPSS Score: %0.52
    • Published: May. 25, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-22321

    Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information. ... Read more

    Affected Products : crosscadware
    • EPSS Score: %0.04
    • Published: Apr. 20, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-22354

    Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information. ... Read more

    Affected Products : crosscadware
    • EPSS Score: %0.04
    • Published: Apr. 20, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-18238

    An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.... Read more

    Affected Products : debian_linux exempi
    • EPSS Score: %0.52
    • Published: Mar. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-11381

    The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.... Read more

    Affected Products : radare2
    • EPSS Score: %0.25
    • Published: May. 22, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-11380

    The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted Mach-O file.... Read more

    Affected Products : radare2
    • EPSS Score: %0.25
    • Published: May. 22, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-11377

    The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.... Read more

    Affected Products : radare2
    • EPSS Score: %0.26
    • Published: May. 22, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-11379

    The get_debug_info() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted PE file.... Read more

    Affected Products : radare2
    • EPSS Score: %0.25
    • Published: May. 22, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-22295

    Datakit CrossCadWare_x64.dll contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information. ... Read more

    Affected Products : crosscadware
    • EPSS Score: %0.04
    • Published: Apr. 20, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-11382

    The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.... Read more

    Affected Products : radare2
    • EPSS Score: %0.23
    • Published: May. 22, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-11375

    The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.... Read more

    Affected Products : radare2
    • EPSS Score: %0.23
    • Published: May. 22, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2002-0788

    An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users o... Read more

    • EPSS Score: %0.15
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2018-11384

    The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file.... Read more

    Affected Products : radare2
    • EPSS Score: %0.25
    • Published: May. 22, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2006-7213

    Firebird 1.5 allows remote authenticated users without SYSDBA and owner permissions to overwrite a database by creating a database.... Read more

    Affected Products : firebird firebird
    • EPSS Score: %0.16
    • Published: Jun. 29, 2007
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2018-11280

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing user-space there is no size validation of the NAT entry input. If the user input size of the NAT entry is greater than the max all... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Sep. 18, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-11254

    An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode() function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related... Read more

    Affected Products : podofo
    • EPSS Score: %0.37
    • Published: May. 18, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-22233

    After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploi... Read more

    Affected Products : macos windows after_effects
    • EPSS Score: %0.03
    • Published: Feb. 17, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 292428 Results