Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2019-2183

    In generateServicesMap of RegisteredServicesCache.java, there is a possible account protection bypass due to a caching optimization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not ne... Read more

    Affected Products : android
    • Published: Oct. 11, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-19626

    In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination.... Read more

    Affected Products : debian_linux wireshark
    • Published: Nov. 29, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-46692

    In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark get_wq_ctx() as atomic call Currently get_wq_ctx() is wrongly configured as a standard call. When two SMC calls are in sleep and one SMC wakes up, it calls get... Read more

    Affected Products : linux_kernel
    • Published: Sep. 13, 2024
    • Modified: Sep. 13, 2024

  • 5.5

    MEDIUM
    CVE-2018-19624

    In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference.... Read more

    Affected Products : debian_linux wireshark
    • Published: Nov. 29, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2137

    In the endCall() function of TelecomManager.java, there is a possible Denial of Service due to a missing permission check. This could lead to local denial of access to Emergency Services with User execution privileges needed. User interaction is not neede... Read more

    Affected Products : android
    • Published: Aug. 20, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2110

    In ScreenRotationAnimation of ScreenRotationAnimation.java, there is a possible capture of a secure screen due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction ... Read more

    Affected Products : android
    • Published: Oct. 11, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2053

    In wnm_parse_neighbor_report_elem of wnm_sta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploita... Read more

    Affected Products : android
    • Published: May. 08, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-46677

    In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL pointer dereference When sockfd_lookup() fails, gtp_encap_enable_socket() returns a NULL pointer, but its callers only check for error pointers thus miss the N... Read more

    Affected Products : linux_kernel
    • Published: Sep. 13, 2024
    • Modified: Sep. 13, 2024

  • 5.5

    MEDIUM
    CVE-2015-20109

    end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!... Read more

    Affected Products : glibc
    • Published: Jun. 25, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-19567

    A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.... Read more

    Affected Products : dcraw
    • Published: Nov. 26, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-19517

    An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bounds read during a memset call, as demonstrated by sadf.... Read more

    Affected Products : sysstat
    • Published: Nov. 24, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-19523

    DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows a user to send an IOCTL (0x80002068) with a user defined buffer size. If the size of the buffer is less than 512 bytes, then the driver will overwrite the next pool header if there is ... Read more

    Affected Products : driveagent
    • Published: Jan. 03, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-16349

    Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class.... Read more

    Affected Products : bento4
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-45015

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable() For cases where the crtc's connectors_changed was set without enable/active getting toggled , there is an atomic_... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2024
    • Modified: Sep. 13, 2024

  • 5.5

    MEDIUM
    CVE-2018-19522

    DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows a user to send an IOCTL (0x800020F4) with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for partial input.... Read more

    Affected Products : driveragent
    • Published: Dec. 18, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-44989

    In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm real_dev null pointer dereference We shouldn't set real_dev to NULL because packets can be in transit and xfrm might call xdo_dev_offload_ok() in parallel. All callbac... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Sep. 06, 2024

  • 5.5

    MEDIUM
    CVE-2024-44968

    In the Linux kernel, the following vulnerability has been resolved: tick/broadcast: Move per CPU pointer access into the atomic section The recent fix for making the take over of the broadcast timer more reliable retrieves a per CPU pointer in preemptib... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 03, 2024

  • 5.5

    MEDIUM
    CVE-2024-44961

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Forward soft recovery errors to userspace As we discussed before[1], soft recovery should be forwarded to userspace, or we can get into a really bad state where apps will ke... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 04, 2024

  • 5.5

    MEDIUM
    CVE-2024-44959

    In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-on... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 10, 2024

  • 5.5

    MEDIUM
    CVE-2015-1323

    The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, before 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, before 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, before 0.43+bzr805-0ubuntu10 as packaged... Read more

    Affected Products : ubuntu_linux
    • Published: Jul. 21, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293510 Results