Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.8

    CRITICAL
    CVE-2023-38427

    An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts....

    Affected Products : linux_kernel h300s h410s h500s h700s
    • EPSS Score: 0.09%
    • Published: Jul. 18, 2023
    • Modified: May. 05, 2025
  • 4.6

    MEDIUM
    CVE-2023-37453

    An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c....

    Affected Products : linux_kernel
    • EPSS Score: 0.01%
    • Published: Jul. 06, 2023
    • Modified: May. 05, 2025
  • 7.5

    HIGH
    CVE-2023-36661

    Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)...

    Affected Products : debian_linux xmltooling
    • EPSS Score: 60.67%
    • Published: Jun. 25, 2023
    • Modified: May. 05, 2025
  • 7.0

    HIGH
    CVE-2023-35824

    An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c....

    Affected Products : linux_kernel debian_linux
    • EPSS Score: 0.01%
    • Published: Jun. 18, 2023
    • Modified: May. 05, 2025
  • 7.0

    HIGH
    CVE-2023-35823

    An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c....

    Affected Products : linux_kernel debian_linux
    • EPSS Score: 0.01%
    • Published: Jun. 18, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-35788

    An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or pri...

    • EPSS Score: 0.01%
    • Published: Jun. 16, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-35682

    In hasPermissionForActivity of PackageManagerHelper.java, there is a possible way to start arbitrary components due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is ...

    Affected Products : android
    • EPSS Score: 0.01%
    • Published: Sep. 11, 2023
    • Modified: May. 05, 2025
  • 8.8

    HIGH
    CVE-2023-35074

    The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution....

    • EPSS Score: 0.60%
    • Published: Sep. 27, 2023
    • Modified: May. 05, 2025
  • 9.8

    CRITICAL
    CVE-2023-34417

    Memory safety bugs present in Firefox 113. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 114....

    Affected Products : firefox
    • EPSS Score: 0.28%
    • Published: Jun. 19, 2023
    • Modified: May. 05, 2025
  • 6.4

    MEDIUM
    CVE-2023-33203

    The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device....

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: 0.02%
    • Published: May. 18, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-32396

    This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges....

    Affected Products : macos iphone_os tvos watchos xcode ipados
    • EPSS Score: 0.02%
    • Published: Sep. 27, 2023
    • Modified: May. 05, 2025
  • 6.7

    MEDIUM
    CVE-2023-32269

    An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system mus...

    Affected Products : linux_kernel
    • EPSS Score: 0.01%
    • Published: May. 05, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-32233

    In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs becau...

    • EPSS Score: 0.46%
    • Published: May. 08, 2023
    • Modified: May. 05, 2025
  • 6.4

    MEDIUM
    CVE-2023-30772

    The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device....

    Affected Products : linux_kernel
    • EPSS Score: 0.06%
    • Published: Apr. 16, 2023
    • Modified: May. 05, 2025
  • 4.8

    MEDIUM
    CVE-2023-2967

    The TinyMCE Custom Styles WordPress plugin before 1.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disa...

    Affected Products : tinymce_custom_styles
    • EPSS Score: 0.10%
    • Published: Jul. 10, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-2939

    Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium)...

    Affected Products : chrome windows edge_chromium
    • EPSS Score: 0.02%
    • Published: May. 30, 2023
    • Modified: May. 05, 2025
  • 8.8

    HIGH
    CVE-2023-2936

    Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)...

    Affected Products : chrome edge_chromium
    • EPSS Score: 7.63%
    • Published: May. 30, 2023
    • Modified: May. 05, 2025
  • 8.8

    HIGH
    CVE-2023-2935

    Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)...

    Affected Products : chrome edge_chromium
    • EPSS Score: 7.63%
    • Published: May. 30, 2023
    • Modified: May. 05, 2025
  • 8.8

    HIGH
    CVE-2023-2934

    Out of bounds memory access in Mojo in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)...

    Affected Products : chrome edge_chromium
    • EPSS Score: 0.72%
    • Published: May. 30, 2023
    • Modified: May. 05, 2025
  • 8.8

    HIGH
    CVE-2023-2933

    Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)...

    Affected Products : chrome edge_chromium
    • EPSS Score: 0.39%
    • Published: May. 30, 2023
    • Modified: May. 05, 2025
Showing 20 of 291219 Results