Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2020-29623

    "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS ... Read more

    • EPSS Score: %0.05
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-34321

    Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes (such as the ones during scrubbing) have reached memory before handing over the page to a gues... Read more

    Affected Products : xen
    • EPSS Score: %0.06
    • Published: Jan. 05, 2024
    • Modified: Apr. 17, 2025

  • 3.3

    LOW
    CVE-2019-10183

    Virt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system... Read more

    Affected Products : enterprise_linux virt-manager
    • EPSS Score: %0.14
    • Published: Jul. 03, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-46971

    In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix unconditional security_locked_down() call Currently, the lockdown state is queried unconditionally, even though its result is used only if the PERF_SAMPLE_REGS_INTR bit i... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2024
    • Modified: Jan. 08, 2025

  • 3.3

    LOW
    CVE-2020-11869

    An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A maliciou... Read more

    Affected Products : qemu
    • EPSS Score: %0.09
    • Published: Apr. 27, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-5499

    Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5498.... Read more

    Affected Products : database_server
    • EPSS Score: %0.12
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2022-48852

    In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Unregister codec device on unbind On bind we will register the HDMI codec device but we don't unregister it on unbind, leading to a device leakage. Unregister our device ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 16, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-38605

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.5. An app may be able to determine a user’s current location.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.08
    • Published: Sep. 06, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-3239

    Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the ... Read more

    Affected Products : glassfish_server
    • EPSS Score: %0.04
    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2023-2602

    A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.... Read more

    • EPSS Score: %0.02
    • Published: Jun. 06, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-23287

    NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may access sensitive system-level information. A successful exploit of this vulnerability may lead to Information disclosure.... Read more

    Affected Products :
    • Published: Aug. 02, 2025
    • Modified: Aug. 04, 2025

  • 3.3

    LOW
    CVE-2021-36087

    The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.... Read more

    Affected Products : fedora selinux
    • EPSS Score: %0.02
    • Published: Jul. 01, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-9932

    CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix.... Read more

    Affected Products : xen
    • EPSS Score: %0.07
    • Published: Jan. 26, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2023-52703

    In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path syzbot reported that act_len in kalmia_send_init_packet() is uninitialized when passing it to the first usb_bulk_msg error... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-10095

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Solar... Read more

    Affected Products : solaris solaris
    • EPSS Score: %0.15
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2011-1089

    The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated... Read more

    Affected Products : glibc
    • EPSS Score: %0.09
    • Published: Apr. 10, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2017-1086

    In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, not all information in the struct ptrace_lwpinfo is relevant for the state of any thread, and the kernel does not fill the irrelevant byt... Read more

    Affected Products : freebsd
    • EPSS Score: %0.08
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2013-2929

    The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Dec. 09, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2019-15875

    In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r354735, and 11.3-RELEASE before 11.3-RELEASE-p6, due to incorrect initialization of a stack data structure, core dump fil... Read more

    Affected Products : freebsd
    • EPSS Score: %0.12
    • Published: Feb. 18, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-1486

    libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service (crash) by causing multiple threads to report errors at the same time.... Read more

    Affected Products : libvirt
    • EPSS Score: %0.86
    • Published: May. 31, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 291401 Results