Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-30083

    Buffer Overflow vulnerability found in Libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the newVar_N in util/decompile.c.... Read more

    Affected Products : libming
    • Published: May. 09, 2023
    • Modified: Jan. 28, 2025

  • 5.5

    MEDIUM
    CVE-2018-16647

    In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.... Read more

    Affected Products : mupdf
    • Published: Sep. 06, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-16541

    In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.... Read more

    • Published: Sep. 05, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26868

    In the Linux kernel, the following vulnerability has been resolved: nfs: fix panic when nfs4_ff_layout_prepare_ds() fails We've been seeing the following panic in production BUG: kernel NULL pointer dereference, address: 0000000000000065 PGD 2f485f067 ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Jan. 14, 2025

  • 5.5

    MEDIUM
    CVE-2024-26863

    In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsr_get_node() KMSAN reported the following uninit-value access issue [1]: ===================================================== BUG: KMSAN: uninit-valu... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 17, 2024
    • Modified: Jan. 27, 2025

  • 5.5

    MEDIUM
    CVE-2023-21291

    In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed ... Read more

    Affected Products : android
    • Published: Oct. 06, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26855

    In the Linux kernel, the following vulnerability has been resolved: net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() The function ice_bridge_setlink() may encounter a NULL pointer dereference if nlmsg_find_attr() returns NULL and... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 17, 2024
    • Modified: Jan. 07, 2025

  • 5.5

    MEDIUM
    CVE-2023-21136

    In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exp... Read more

    Affected Products : android
    • Published: Jun. 15, 2023
    • Modified: Dec. 18, 2024

  • 5.5

    MEDIUM
    CVE-2023-21105

    In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitat... Read more

    Affected Products : android
    • Published: Jun. 15, 2023
    • Modified: Dec. 18, 2024

  • 5.5

    MEDIUM
    CVE-2024-26832

    In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix missing folio cleanup in writeback race path In zswap_writeback_entry(), after we get a folio from __read_swap_cache_async(), we grab the tree lock again to check that th... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Apr. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-26826

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data re-injection from stale subflow When the MPTCP PM detects that a subflow is stale, all the packet scheduler must re-inject all the mptcp-level unacked data. To avoid acq... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Mar. 27, 2025

  • 5.5

    MEDIUM
    CVE-2024-26818

    In the Linux kernel, the following vulnerability has been resolved: tools/rtla: Fix clang warning about mount_point var size clang is reporting this warning: $ make HOSTCC=clang CC=clang LLVM_IAS=1 [...] clang -O -g -DVERSION=\"6.8.0-rc3\" -flto=auto -... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Mar. 27, 2025

  • 5.5

    MEDIUM
    CVE-2018-16435

    Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.... Read more

    • Published: Sep. 04, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26772

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock ... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 03, 2024
    • Modified: Apr. 04, 2025

  • 5.5

    MEDIUM
    CVE-2022-41847

    An issue was discovered in Bento4 1.6.0-639. A memory leak exists in AP4_StdcFileByteStream::Create(AP4_FileByteStream*, char const*, AP4_FileByteStream::Mode, AP4_ByteStream*&) in System/StdC/Ap4StdCFileByteStream.cpp.... Read more

    Affected Products : bento4
    • Published: Sep. 30, 2022
    • Modified: May. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-41846

    An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp.... Read more

    Affected Products : bento4
    • Published: Sep. 30, 2022
    • Modified: May. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-41845

    An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_Array<AP4_ElstEntry>::EnsureCapacity in Core/Ap4Array.h.... Read more

    Affected Products : bento4
    • Published: Sep. 30, 2022
    • Modified: May. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-26752

    In the Linux kernel, the following vulnerability has been resolved: l2tp: pass correct message length to ip6_append_data l2tp_ip6_sendmsg needs to avoid accounting for the transport header twice when splicing more data into an already partially-occupied... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 03, 2024
    • Modified: Mar. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-26746

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIG_HARDENED_USERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. [ 1987... Read more

    Affected Products : linux_kernel
    • Published: Apr. 04, 2024
    • Modified: Mar. 18, 2025

  • 5.5

    MEDIUM
    CVE-2018-16517

    asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file.... Read more

    Affected Products : netwide_assembler nasm
    • Published: Sep. 06, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293521 Results