Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, or by whether it is actively exploited (also known as the CISA KEV list) or remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 7.8

    HIGH
    CVE-2023-40283

    An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled....

    Affected Products : linux_kernel ubuntu_linux debian_linux
    • EPSS Score: 0.01%
    • Published: Aug. 14, 2023
    • Modified: May. 05, 2025
  • 4.3

    MEDIUM
    CVE-2018-20839

    systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) c...

    • EPSS Score: 0.67%
    • Published: May. 17, 2019
    • Modified: May. 05, 2025
  • 6.5

    MEDIUM
    CVE-2018-5729

    MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the dat...

    • EPSS Score: 0.44%
    • Published: Mar. 06, 2018
    • Modified: May. 05, 2025
  • 7.5

    HIGH
    CVE-2016-1000338

    In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some c...

    • EPSS Score: 0.43%
    • Published: Jun. 01, 2018
    • Modified: May. 05, 2025
  • 7.5

    HIGH
    CVE-2024-24762

    `python-multipart` is a streaming multipart parser for Python. When using form data, `python-multipart` uses a Regular Expression to parse the HTTP `Content-Type` header, including options. An attacker could send a custom-made `Content-Type` option that i...

    Affected Products : starlette fastapi python-multipart
    • EPSS Score: 1.80%
    • Published: Feb. 05, 2024
    • Modified: May. 05, 2025
  • 8.8

    HIGH
    CVE-2022-42826

    A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution....

    • EPSS Score: 0.08%
    • Published: Feb. 27, 2023
    • Modified: May. 05, 2025
  • 6.5

    MEDIUM
    CVE-2023-41747

    Sensitive information disclosure due to unauthenticated path traversal. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203....

    Affected Products : windows cloud_manager
    • EPSS Score: 0.11%
    • Published: Aug. 31, 2023
    • Modified: May. 05, 2025
  • 6.5

    MEDIUM
    CVE-2023-3444

    An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.3 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1, which allows an attacker to merge arbitrary code into pro...

    Affected Products : gitlab
    • EPSS Score: 0.18%
    • Published: Jul. 13, 2023
    • Modified: May. 05, 2025
  • 6.5

    MEDIUM
    CVE-2023-3210

    An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when imp...

    Affected Products : gitlab
    • EPSS Score: 0.53%
    • Published: Sep. 01, 2023
    • Modified: May. 05, 2025
  • 6.5

    MEDIUM
    CVE-2024-1066

    An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using GraphQL `vulnerabilitiesCountByDay`...

    Affected Products : gitlab
    • EPSS Score: 0.39%
    • Published: Feb. 07, 2024
    • Modified: May. 05, 2025
  • 8.8

    HIGH
    CVE-2023-1035

    A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been classified as critical. Affected is an unknown function of the file update_user.php. The manipulation of the argument user_id leads to sql injection. It is poss...

    • EPSS Score: 0.05%
    • Published: Feb. 25, 2023
    • Modified: May. 05, 2025
  • 5.5

    MEDIUM
    CVE-2018-5730

    MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which ...

    • EPSS Score: 1.11%
    • Published: Mar. 06, 2018
    • Modified: May. 05, 2025
  • 7.5

    HIGH
    CVE-2019-3821

    A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to ceph RADOS gateway to exhaust file descriptors for ceph-radosgw service resulting in...

    Affected Products : ubuntu_linux civetweb ceph
    • EPSS Score: 0.65%
    • Published: Mar. 27, 2019
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2019-19064

    A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. NOTE: ...

    Affected Products : linux_kernel fedora
    • EPSS Score: 0.52%
    • Published: Nov. 18, 2019
    • Modified: May. 05, 2025
  • 5.3

    MEDIUM
    CVE-2020-24370

    ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31)....

    Affected Products : fedora debian_linux lua
    • EPSS Score: 2.70%
    • Published: Aug. 17, 2020
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2021-29098

    Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code executi...

    • EPSS Score: 0.35%
    • Published: Mar. 25, 2021
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2021-38160

    In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not ...

    • EPSS Score: 0.07%
    • Published: Aug. 07, 2021
    • Modified: May. 05, 2025
  • 5.5

    MEDIUM
    CVE-2022-26878

    drivers/bluetooth/virtio_bt.c in the Linux kernel before 5.16.3 has a memory leak (socket buffers have memory allocated but not freed)....

    Affected Products : linux_kernel
    • EPSS Score: 0.08%
    • Published: Mar. 11, 2022
    • Modified: May. 05, 2025
  • 4.3

    MEDIUM
    CVE-2023-0921

    A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11 before 15.11.7, and 16.0 before 16.0.2 allows an authenticated attacker to create a large Issue description via GraphQL which, when repeatedly requested, sat...

    Affected Products : gitlab
    • EPSS Score: 19.13%
    • Published: Jun. 06, 2023
    • Modified: May. 05, 2025
  • 6.5

    MEDIUM
    CVE-2020-22628

    Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing\aspect_ratio.cpp....

    Affected Products : libraw
    • EPSS Score: 0.06%
    • Published: Aug. 22, 2023
    • Modified: May. 05, 2025
Showing 20 of 291170 Results