Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-28050

    Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.4824 may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products : iris_xe_graphics arc_a_graphics
    • Published: Aug. 14, 2024
    • Modified: Sep. 06, 2024

  • 5.5

    MEDIUM
    CVE-2024-43915

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan James Zephyr Project Manager allows Reflected XSS.This issue affects Zephyr Project Manager: from n/a through .3.102.... Read more

    • Published: Aug. 26, 2024
    • Modified: Aug. 28, 2024

  • 5.5

    MEDIUM
    CVE-2024-44914

    An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS).... Read more

    Affected Products : irfanview exr
    • Published: Aug. 28, 2024
    • Modified: May. 23, 2025

  • 5.5

    MEDIUM
    CVE-2024-45444

    Access permission verification vulnerability in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Sep. 04, 2024
    • Modified: Sep. 06, 2024

  • 5.5

    MEDIUM
    CVE-2024-45447

    Access control vulnerability in the camera framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Sep. 04, 2024
    • Modified: Sep. 06, 2024

  • 5.5

    MEDIUM
    CVE-2024-45449

    Access permission verification vulnerability in the ringtone setting module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Sep. 04, 2024
    • Modified: Sep. 06, 2024

  • 5.5

    MEDIUM
    CVE-2024-34643

    Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.... Read more

    Affected Products : android android
    • Published: Sep. 04, 2024
    • Modified: Sep. 05, 2024

  • 5.5

    MEDIUM
    CVE-2024-42344

    A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2). The affected application inserts sensitive information into a log file which is readable by all legitimate users of the underlying system. This could allow an a... Read more

    • Published: Sep. 10, 2024
    • Modified: Sep. 10, 2024

  • 5.5

    MEDIUM
    CVE-2024-40656

    In handleCreateConferenceComplete of ConnectionServiceWrapper.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User intera... Read more

    Affected Products : android
    • Published: Sep. 11, 2024
    • Modified: Dec. 17, 2024

  • 5.5

    MEDIUM
    CVE-2024-28170

    Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products : raid_web_console
    • Published: Sep. 16, 2024
    • Modified: Sep. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-32666

    NULL pointer dereference in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products : raid_web_console
    • Published: Sep. 16, 2024
    • Modified: Sep. 23, 2024

  • 5.5

    MEDIUM
    CVE-2017-0670

    A denial of service vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36104177.... Read more

    Affected Products : android
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-0685

    A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34203195.... Read more

    Affected Products : android
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-0708

    A information disclosure vulnerability in the HTC sound driver. Product: Android. Versions: Android kernel. Android ID: A-35384879.... Read more

    Affected Products : android
    • Published: Jul. 06, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-39624

    In PackageManager, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Andr... Read more

    Affected Products : android
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-6726

    A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential information. More Information: CSCvd59341. Known Affected... Read more

    Affected Products : prime_network
    • Published: Jul. 10, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-20013

    A vulnerability classified as problematic was found in WEKA INTEREST Security Scanner up to 1.8. Affected by this vulnerability is the Stresstest Configuration Handler. A manipulation leads to a local denial of service. The exploit has been disclosed to t... Read more

    Affected Products : interest_security_scanner
    • Published: Mar. 28, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-20015

    A vulnerability, which was classified as problematic, was found in WEKA INTEREST Security Scanner up to 1.8. This affects an unknown part of the component LAN Viewer. The manipulation with an unknown input leads to denial of service. Attacking locally is ... Read more

    Affected Products : interest_security_scanner
    • Published: Mar. 28, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-26296

    BOOM: The Berkeley Out-of-Order RISC-V Processor commit d77c2c3 was discovered to allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.... Read more

    Affected Products : risvc-boom
    • Published: Mar. 28, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22572

    On unix-like systems, the system temporary directory is shared between all users on that system. The root cause is File.createTempFile creates files in the the system temporary directory with world readable permissions. Any sensitive information written t... Read more

    Affected Products : data_transfer_project
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294690 Results