Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 6.5

    MEDIUM
    CVE-2023-3444

    An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.3 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1, which allows an attacker to merge arbitrary code into pro...

    Affected Products: gitlab
    • EPSS Score: 0.18%
    • Published: Jul. 13, 2023
    • Modified: May. 05, 2025
  • 6.5

    MEDIUM
    CVE-2023-3210

    An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when imp...

    Affected Products: gitlab
    • EPSS Score: 0.53%
    • Published: Sep. 01, 2023
    • Modified: May. 05, 2025
  • 6.5

    MEDIUM
    CVE-2024-1066

    An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using GraphQL `vulnerabilitiesCountByDay`...

    Affected Products: gitlab
    • EPSS Score: 0.39%
    • Published: Feb. 07, 2024
    • Modified: May. 05, 2025
  • 8.8

    HIGH
    CVE-2023-1035

    A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been classified as critical. Affected is an unknown function of the file update_user.php. The manipulation of the argument user_id leads to SQL injection. It is poss...

    • EPSS Score: 0.05%
    • Published: Feb. 25, 2023
    • Modified: May. 05, 2025
  • 5.5

    MEDIUM
    CVE-2018-5730

    MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which ...

    • EPSS Score: 1.11%
    • Published: Mar. 06, 2018
    • Modified: May. 05, 2025
  • 7.5

    HIGH
    CVE-2019-3821

    A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to ceph RADOS gateway to exhaust file descriptors for ceph-radosgw service resulting in...

    Affected Products: ubuntu_linux civetweb ceph
    • EPSS Score: 0.65%
    • Published: Mar. 27, 2019
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2019-19064

    A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. NOTE: ...

    Affected Products: linux_kernel fedora
    • EPSS Score: 0.52%
    • Published: Nov. 18, 2019
    • Modified: May. 05, 2025
  • 5.3

    MEDIUM
    CVE-2020-24370

    ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).

    Affected Products: fedora debian_linux lua
    • EPSS Score: 2.70%
    • Published: Aug. 17, 2020
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2021-29098

    Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code executi...

    • EPSS Score: 0.35%
    • Published: Mar. 25, 2021
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2021-38160

    In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not ...

    • EPSS Score: 0.07%
    • Published: Aug. 07, 2021
    • Modified: May. 05, 2025
  • 5.5

    MEDIUM
    CVE-2022-26878

    drivers/bluetooth/virtio_bt.c in the Linux kernel before 5.16.3 has a memory leak (socket buffers have memory allocated but not freed).

    Affected Products: linux_kernel
    • EPSS Score: 0.08%
    • Published: Mar. 11, 2022
    • Modified: May. 05, 2025
  • 4.3

    MEDIUM
    CVE-2023-0921

    A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11 before 15.11.7, and 16.0 before 16.0.2 allows an authenticated attacker to create a large Issue description via GraphQL which, when repeatedly requested, sat...

    Affected Products: gitlab
    • EPSS Score: 19.13%
    • Published: Jun. 06, 2023
    • Modified: May. 05, 2025
  • 6.5

    MEDIUM
    CVE-2020-22628

    Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing\aspect_ratio.cpp.

    Affected Products: libraw
    • EPSS Score: 0.06%
    • Published: Aug. 22, 2023
    • Modified: May. 05, 2025
  • 6.5

    MEDIUM
    CVE-2023-3205

    An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when imp...

    Affected Products: gitlab
    • EPSS Score: 0.93%
    • Published: Sep. 01, 2023
    • Modified: May. 05, 2025
  • 7.5

    HIGH
    CVE-2023-4647

    An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which the projects API pagination can be skipped, potentially l...

    Affected Products: gitlab
    • EPSS Score: 0.22%
    • Published: Sep. 01, 2023
    • Modified: May. 05, 2025
  • 7.5

    HIGH
    CVE-2022-4244

    A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or ...

    • EPSS Score: 0.61%
    • Published: Sep. 25, 2023
    • Modified: May. 05, 2025
  • 3.5

    LOW
    CVE-2023-3906

    An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image URLs which bypass the asset proxy.

    Affected Products: gitlab
    • EPSS Score: 0.21%
    • Published: Sep. 29, 2023
    • Modified: May. 05, 2025
  • 7.5

    HIGH
    CVE-2023-45871

    An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.

    Affected Products: linux_kernel debian_linux
    • EPSS Score: 0.02%
    • Published: Oct. 15, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-45898

    The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent.

    Affected Products: linux_kernel
    • EPSS Score: 0.01%
    • Published: Oct. 16, 2023
    • Modified: May. 05, 2025
  • 6.5

    MEDIUM
    CVE-2023-5825

    An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A low-privileged attacker can point a CI/CD Component to an...

    Affected Products: gitlab
    • EPSS Score: 0.17%
    • Published: Nov. 06, 2023
    • Modified: May. 05, 2025
Showing 20 of 291193 Results