Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.9

    LOW
    CVE-2012-4454

    openCryptoki before 2.4.1, when using spinlocks, allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) .pkapi_xpk or (2) .pkcs11spinloc file in /tmp.... Read more

    Affected Products : opencryptoki
    • EPSS Score: %0.53
    • Published: Oct. 10, 2012
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2025-43965

    In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used.... Read more

    Affected Products : imagemagick
    • Published: Apr. 23, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Memory Corruption

  • 2.9

    LOW
    CVE-2025-31160

    atop through 2.11.0 allows local users to cause a denial of service (e.g., assertion failure and application exit) or possibly have unspecified other impact by running certain types of unprivileged processes while a different user runs atop.... Read more

    Affected Products : atop
    • Published: Mar. 26, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Denial of Service

  • 2.9

    LOW
    CVE-2013-1574

    The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause ... Read more

    Affected Products : wireshark
    • EPSS Score: %0.23
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2025-48751

    The process_lock crate 0.1.0 for Rust allows data races in unlock.... Read more

    Affected Products :
    • Published: May. 24, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Race Condition

  • 2.9

    LOW
    CVE-2025-27400

    Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Versions prior to 20.12.3 and 20.13.0 contain a vulnerabil... Read more

    Affected Products : magento
    • Published: Feb. 28, 2025
    • Modified: Aug. 26, 2025
    • Vuln Type: Cross-Site Scripting

  • 2.9

    LOW
    CVE-2025-48752

    In the process-sync crate 0.2.2 for Rust, the drop function lacks a check for whether the pthread_mutex is unlocked.... Read more

    Affected Products :
    • Published: May. 24, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Race Condition

  • 2.9

    LOW
    CVE-2025-48753

    In the anode crate 0.1.0 for Rust, data races can occur in unlock in SpinLock.... Read more

    Affected Products :
    • Published: May. 24, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Race Condition

  • 2.9

    LOW
    CVE-2025-48756

    In group_number in the scsir crate 0.2.0 for Rust, there can be an overflow because a hardware device may expect a small number of bits (e.g., 5 bits) for group number.... Read more

    Affected Products :
    • Published: May. 24, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Memory Corruption

  • 2.9

    LOW
    CVE-2022-21331

    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high pr... Read more

    • EPSS Score: %0.32
    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 2.9

    LOW
    CVE-2014-0131

    Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation.... Read more

    • EPSS Score: %0.10
    • Published: Mar. 24, 2014
    • Modified: Apr. 12, 2025

  • 2.9

    LOW
    CVE-2013-1580

    The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a d... Read more

    Affected Products : wireshark
    • EPSS Score: %0.23
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2024-47813

    Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a `wasmtime::Engine`'s internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type regis... Read more

    Affected Products : wasmtime
    • Published: Oct. 09, 2024
    • Modified: Oct. 10, 2024

  • 2.9

    LOW
    CVE-2012-0042

    Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet, related to epan/to... Read more

    Affected Products : enterprise_linux wireshark
    • EPSS Score: %0.21
    • Published: Apr. 11, 2012
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2013-1589

    Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.... Read more

    Affected Products : wireshark
    • EPSS Score: %0.26
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2025-46393

    In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order).... Read more

    Affected Products : imagemagick
    • Published: Apr. 23, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Memory Corruption

  • 2.9

    LOW
    CVE-2022-21333

    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high pr... Read more

    • EPSS Score: %0.32
    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 2.9

    LOW
    CVE-2025-47736

    dialect/mod.rs in the libsql-sqlite3-parser crate through 0.13.0 before 14f422a for Rust can crash if the input is not valid UTF-8.... Read more

    Affected Products :
    • Published: May. 09, 2025
    • Modified: May. 12, 2025

  • 2.9

    LOW
    CVE-2025-48754

    In the memory_pages crate 0.1.0 for Rust, division by zero can occur.... Read more

    Affected Products :
    • Published: May. 24, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Denial of Service

  • 2.9

    LOW
    CVE-2014-6381

    Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a clustered setup, allows remote attackers to cause a den... Read more

    • EPSS Score: %0.20
    • Published: Dec. 12, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 291398 Results