Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2021-26950

    Out of bounds read in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denial of service via local access.... Read more

    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2021-3585

    A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager.... Read more

    Affected Products : tripleo_heat_templates
    • Published: Aug. 26, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2025-20959

    Use of implicit intent for sensitive communication in Wi-Fi P2P service prior to SMR May-2025 Release 1 allows local attackers to access sensitive information.... Read more

    Affected Products : android
    • Published: May. 07, 2025
    • Modified: May. 21, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2022-34378

    Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service... Read more

    • Published: Sep. 02, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-36854

    Out of bound read in libapexjni.media.samsung.so prior to SMR Sep-2022 Release 1 allows attacker access unauthorized information.... Read more

    Affected Products : android dex
    • Published: Sep. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20393

    In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure from the media server with no additional execution privileges needed. User interac... Read more

    Affected Products : android
    • Published: Sep. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-38497

    LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69.... Read more

    Affected Products : lief
    • Published: Sep. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-40775

    An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_StszAtom::WriteFields.... Read more

    Affected Products : bento4
    • Published: Sep. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-37348

    Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This... Read more

    Affected Products : security windows
    • Published: Sep. 19, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-35085

    SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c.... Read more

    Affected Products : swftools
    • Published: Sep. 21, 2022
    • Modified: May. 27, 2025

  • 5.5

    MEDIUM
    CVE-2022-23951

    In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs.... Read more

    Affected Products : keylime
    • Published: Sep. 21, 2022
    • Modified: May. 27, 2025

  • 5.5

    MEDIUM
    CVE-2022-28886

    A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.so/aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the scanning engine... Read more

    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 5.5

    MEDIUM
    CVE-2025-20677

    In Bluetooth driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00412256; Issue ID: MSV-3... Read more

    Affected Products : nbiot_sdk mt7902 mt7921 mt7927 mt7922 mt7925
    • Published: Jun. 02, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2022-26237

    The default privileges for the running service Normand Viewer Service in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data.... Read more

    Affected Products : windows remisol_advance
    • Published: Oct. 06, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-26236

    The default privileges for the running service Normand Remisol Advance Launcher in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensi... Read more

    Affected Products : windows remisol_advance
    • Published: Oct. 06, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-26238

    The default privileges for the running service Normand Service Manager in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data... Read more

    Affected Products : windows remisol_advance
    • Published: Oct. 06, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-39874

    Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.... Read more

    Affected Products : account
    • Published: Oct. 07, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-30613

    IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366.... Read more

    • Published: Oct. 07, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2025-48953

    Umbraco is an ASP.NET content management system (CMS). Starting in version 14.0.0 and prior to versions 15.4.2 and 16.0.0, it's possible to upload a file that doesn't adhere with the configured allowable file extensions via a manipulated API request. The ... Read more

    Affected Products : umbraco_cms
    • Published: Jun. 03, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2025-20985

    Improper privilege management in ThemeManager prior to SMR Jun-2025 Release 1 allows local privileged attackers to reuse trial items.... Read more

    Affected Products :
    • Published: Jun. 04, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Authorization
Showing 20 of 294283 Results