Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2011-0541

    fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack.... Read more

    Affected Products : fuse
    • EPSS Score: %0.04
    • Published: Sep. 02, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2016-9908

    Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET' command. A guest user/process could use this flaw to leak contents of the ho... Read more

    Affected Products : qemu
    • EPSS Score: %0.07
    • Published: Dec. 23, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-4486

    The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.... Read more

    • EPSS Score: %0.52
    • Published: May. 23, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2015-2877

    Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAI... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.11
    • Published: Mar. 03, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2014-9680

    sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access (but not view file contents) by running a program within an sudo session, as demonstra... Read more

    Affected Products : sudo
    • EPSS Score: %0.38
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2016-9085

    Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.... Read more

    Affected Products : fedora libwebp
    • EPSS Score: %0.10
    • Published: Feb. 03, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2023-28197

    An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • EPSS Score: %0.12
    • Published: Jan. 10, 2024
    • Modified: Jun. 17, 2025

  • 3.3

    LOW
    CVE-2016-4983

    A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.... Read more

    Affected Products : enterprise_linux leap opensuse dovecot
    • EPSS Score: %0.14
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-2922

    The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a ... Read more

    • EPSS Score: %1.72
    • Published: May. 27, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2023-27928

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, macOS Big Sur 11.7.5. An app may be able to acce... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.04
    • Published: May. 08, 2023
    • Modified: Jan. 29, 2025

  • 3.3

    LOW
    CVE-2014-3422

    lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.... Read more

    Affected Products : emacs mageia
    • EPSS Score: %0.14
    • Published: May. 08, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-7553

    The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permissions for the scrollbuffer dump file created between upgrades, which might allow local users to obtain sensitive information from private chat conversations by reading the file.... Read more

    Affected Products : buf.pl
    • EPSS Score: %0.08
    • Published: Feb. 27, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2011-0543

    Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack.... Read more

    Affected Products : fuse
    • EPSS Score: %0.06
    • Published: Sep. 02, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2025-24121

    A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of the file system.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2019-19126

    On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping address... Read more

    Affected Products : ubuntu_linux fedora debian_linux glibc
    • EPSS Score: %0.02
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-51562

    Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vul... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 13, 2025

  • 3.3

    LOW
    CVE-2023-28303

    Windows Snipping Tool Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.67
    • Published: Jun. 13, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-38205

    drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.07
    • Published: Aug. 08, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-8934

    hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.... Read more

    Affected Products : leap qemu
    • EPSS Score: %0.11
    • Published: Mar. 21, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-40383

    A path handling issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • EPSS Score: %0.08
    • Published: Jan. 10, 2024
    • Modified: Jun. 17, 2025
Showing 20 of 291368 Results