Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2019-19057

    Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failur... Read more

    • EPSS Score: %0.08
    • Published: Nov. 18, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-1044

    vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of service via unspecified vectors.... Read more

    Affected Products : player workstation esxi
    • EPSS Score: %0.28
    • Published: Jan. 29, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2011-1144

    The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories. NOTE: this vulnera... Read more

    Affected Products : pear
    • EPSS Score: %0.12
    • Published: Mar. 03, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2020-15859

    QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.... Read more

    Affected Products : debian_linux qemu
    • EPSS Score: %0.03
    • Published: Jul. 21, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-10183

    Virt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system... Read more

    Affected Products : enterprise_linux virt-manager
    • EPSS Score: %0.14
    • Published: Jul. 03, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-1031

    The feh_unique_filename function in utils.c in feh 1.11.2 and earlier might allow local users to create arbitrary files via a symlink attack on a /tmp/feh_ temporary file, a different vulnerability than CVE-2011-0702.... Read more

    Affected Products : feh feh
    • EPSS Score: %0.03
    • Published: Feb. 14, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2020-14354

    A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service that uses c-ares lib. The highest threat from this vulner... Read more

    Affected Products : fedora c-ares
    • EPSS Score: %0.19
    • Published: May. 13, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-0414

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity and availability via unknown vectors related to Utility/ksh93.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.05
    • Published: Jan. 17, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2014-0249

    The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.... Read more

    Affected Products : enterprise_linux sssd
    • EPSS Score: %0.06
    • Published: Jun. 11, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2021-38205

    drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.07
    • Published: Aug. 08, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-4290

    The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet.... Read more

    • EPSS Score: %0.90
    • Published: Aug. 16, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2017-18196

    Leptonica 1.74.4 constructs unintended pathnames (containing duplicated path components) when operating on files in /tmp subdirectories, which might allow local users to bypass intended file restrictions by leveraging access to a directory located deeper ... Read more

    Affected Products : leptonica
    • EPSS Score: %0.04
    • Published: Feb. 23, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-19126

    On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping address... Read more

    Affected Products : ubuntu_linux fedora debian_linux glibc
    • EPSS Score: %0.02
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2009-2056

    Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path.... Read more

    Affected Products : ios_xr
    • EPSS Score: %0.47
    • Published: Aug. 21, 2009
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2023-28303

    Windows Snipping Tool Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.67
    • Published: Jun. 13, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-8934

    hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.... Read more

    Affected Products : leap qemu
    • EPSS Score: %0.11
    • Published: Mar. 21, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-1174

    The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when logging out, allows local users to delete arbitrary files via a symlink attack on unspecified files, related to "particular records related with user sess... Read more

    Affected Products : systemd systemd
    • EPSS Score: %0.12
    • Published: Jul. 12, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2009-5082

    The (1) configure and (2) config.guess scripts in GNU troff (aka groff) 1.20.1 on Openwall GNU/*/Linux (aka Owl) improperly create temporary files upon a failure of the mktemp function, which makes it easier for local users to overwrite arbitrary files vi... Read more

    Affected Products : groff owl
    • EPSS Score: %0.03
    • Published: Jun. 30, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-0248

    The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.... Read more

    Affected Products : commons_fileupload
    • EPSS Score: %0.05
    • Published: Mar. 15, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2017-5081

    Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files.... Read more

    • EPSS Score: %0.02
    • Published: Oct. 27, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291520 Results