Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2020-19909

    Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated s... Read more

    Affected Products : curl
    • EPSS Score: %0.02
    • Published: Aug. 22, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-25815

    In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the `ge... Read more

    Affected Products : fedora git_for_windows
    • EPSS Score: %0.09
    • Published: Apr. 25, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-25523

    NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to... Read more

    Affected Products : linux_kernel windows cuda_toolkit
    • EPSS Score: %0.05
    • Published: Jul. 04, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-3219

    GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.... Read more

    Affected Products : gnupg
    • EPSS Score: %0.01
    • Published: Feb. 23, 2023
    • Modified: Mar. 12, 2025

  • 3.3

    LOW
    CVE-2024-51491

    notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List (CRL) based revocation check feature... Read more

    Affected Products : notation-go
    • Published: Jan. 13, 2025
    • Modified: Jan. 14, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2011-1678

    smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger cor... Read more

    Affected Products : samba
    • EPSS Score: %0.21
    • Published: Apr. 10, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2022-34875

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ma... Read more

    Affected Products : windows pdf_editor pdf_reader
    • EPSS Score: %0.58
    • Published: Jul. 18, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-23505

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3. An app may be ... Read more

    Affected Products : macos iphone_os watchos ipados
    • EPSS Score: %0.03
    • Published: Feb. 27, 2023
    • Modified: Mar. 11, 2025

  • 3.3

    LOW
    CVE-2021-44194

    Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASL... Read more

    Affected Products : macos windows after_effects
    • EPSS Score: %0.04
    • Published: Sep. 07, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-18442

    Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file".... Read more

    Affected Products : fedora debian_linux zziplib zziplib
    • EPSS Score: %0.06
    • Published: Jun. 18, 2021
    • Modified: Jul. 10, 2025

  • 3.3

    LOW
    CVE-2019-15919

    An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.... Read more

    Affected Products : linux_kernel leap
    • EPSS Score: %0.06
    • Published: Sep. 04, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-4277

    Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option.... Read more

    Affected Products : subversion
    • EPSS Score: %0.23
    • Published: Sep. 16, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2019-2708

    Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege wi... Read more

    Affected Products : berkeley_db
    • EPSS Score: %1.28
    • Published: Apr. 23, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-21151

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris ex... Read more

    Affected Products : solaris solaris
    • Published: Jul. 16, 2024
    • Modified: Dec. 05, 2024

  • 3.3

    LOW
    CVE-2013-2484

    The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.... Read more

    Affected Products : debian_linux wireshark opensuse
    • EPSS Score: %1.42
    • Published: Mar. 07, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-3825

    Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than C... Read more

    Affected Products : wireshark
    • EPSS Score: %2.05
    • Published: Jun. 30, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2024-53874

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial ... Read more

    Affected Products : cuda_toolkit
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2022-23114

    Jenkins Publish Over SSH Plugin 1.22 and earlier stores password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.... Read more

    Affected Products : publish_over_ssh
    • EPSS Score: %0.08
    • Published: Jan. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-22656

    An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A local attacker may be able to view the previous logged in user’s desktop from the ... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.15
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2010-2794

    The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to overwrite arbitrary files via a symlink attack on an unspecified log file.... Read more

    Affected Products : firefox spice-xpi
    • EPSS Score: %0.03
    • Published: Aug. 30, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 291562 Results