Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2022-29053

    A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the keytab files in FortiOS version 7.2.0, 7.0.0 through 7.0.5 and below 7.0.0 may allow an attacker in possession of the encrypted file to decipher it.... Read more

    Affected Products : fortios
    • EPSS Score: %0.06
    • Published: Sep. 06, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2009-5082

    The (1) configure and (2) config.guess scripts in GNU troff (aka groff) 1.20.1 on Openwall GNU/*/Linux (aka Owl) improperly create temporary files upon a failure of the mktemp function, which makes it easier for local users to overwrite arbitrary files vi... Read more

    Affected Products : groff owl
    • EPSS Score: %0.03
    • Published: Jun. 30, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2023-46051

    TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE: this is disputed because it should be categorized as a usability problem.... Read more

    Affected Products :
    • Published: Mar. 27, 2024
    • Modified: Nov. 29, 2024

  • 3.3

    LOW
    CVE-2019-15790

    Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through get_pid_info() in data/apport. An unprivileged user could exploit... Read more

    Affected Products : ubuntu_linux apport apport
    • EPSS Score: %0.09
    • Published: Apr. 28, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-3589

    Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 5.1.41 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure wh... Read more

    • EPSS Score: %0.07
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2023-26083

    Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Dri... Read more

    • Actively Exploited
    • EPSS Score: %0.36
    • Published: Apr. 06, 2023
    • Modified: Jul. 30, 2025

  • 3.3

    LOW
    CVE-2011-1072

    The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerabilit... Read more

    Affected Products : pear
    • EPSS Score: %0.08
    • Published: Mar. 03, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2011-1681

    vmware-hgfsmounter in VMware Open Virtual Machine Tools (aka open-vm-tools) 8.4.2-261024 and earlier attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to trigger corruption of... Read more

    Affected Products : open-vm-tools
    • EPSS Score: %0.09
    • Published: Apr. 10, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2014-0249

    The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.... Read more

    Affected Products : enterprise_linux sssd
    • EPSS Score: %0.06
    • Published: Jun. 11, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2024-53872

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial ... Read more

    Affected Products : cuda_toolkit
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2024-0124

    NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a lim... Read more

    Affected Products : cuda_toolkit
    • Published: Oct. 03, 2024
    • Modified: Oct. 04, 2024

  • 3.3

    LOW
    CVE-2024-42331

    In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browser_push_error method in the src/libs/zbxembed/browser_error.c file. A u... Read more

    Affected Products : zabbix
    • Published: Nov. 27, 2024
    • Modified: Nov. 27, 2024

  • 3.3

    LOW
    CVE-2013-2478

    The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (applic... Read more

    Affected Products : debian_linux wireshark opensuse
    • EPSS Score: %1.45
    • Published: Mar. 07, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-2483

    The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid cou... Read more

    Affected Products : debian_linux wireshark opensuse
    • EPSS Score: %1.45
    • Published: Mar. 07, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2016-7620

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOSurface" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.14
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2017-17864

    kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.06
    • Published: Dec. 27, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2014-3424

    lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.... Read more

    Affected Products : emacs mageia
    • EPSS Score: %0.14
    • Published: May. 08, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2023-51792

    Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service via the allocation size exceeding the maximum supported size of 0x10000000000.... Read more

    Affected Products :
    • Published: Apr. 19, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-51559

    Foxit PDF Reader Doc Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in ... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 13, 2025

  • 3.3

    LOW
    CVE-2015-3239

    Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes.... Read more

    Affected Products : libunwind
    • EPSS Score: %0.09
    • Published: Aug. 26, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291564 Results