Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-44647

    An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privil... Read more

    Affected Products : windows apex_one
    • Published: Dec. 12, 2022
    • Modified: Apr. 29, 2025

  • 5.5

    MEDIUM
    CVE-2022-45468

    Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.... Read more

    Affected Products : vbase vbase_automation_base
    • Published: Mar. 21, 2023
    • Modified: Jan. 17, 2025

  • 5.5

    MEDIUM
    CVE-2022-45473

    In drachtio-server 0.8.18, /var/log/drachtio has mode 0777 and drachtio.log has mode 0666.... Read more

    Affected Products : drachtio-server
    • Published: Nov. 18, 2022
    • Modified: Apr. 30, 2025

  • 5.5

    MEDIUM
    CVE-2022-36149

    tifig v0.2.2 was discovered to contain a heap-use-after-free via temInfoEntry().... Read more

    Affected Products : tifig
    • Published: Aug. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-14193

    Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & <jira-installation>/jira/bin directories via a template injection vulnerability in Jira smart v... Read more

    Affected Products : automation_for_jira
    • Published: Nov. 30, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-47455

    In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Mar. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-2220

    Vulnerability in the PeopleSoft Enterprise SCM eProcurement product of Oracle PeopleSoft (component: Manage Requisition Status). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network ac... Read more

    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-1188

    A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42. It has been classified as problematic. Affected is the function 0x222018 in the library ftwebcam.sys of the component IoControlCode Handler. The manipulation leads to denial of serv... Read more

    Affected Products : windows webcam_for_remote_desktop
    • Published: Mar. 06, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-41181

    Due to lack of proper memory management, when a victim opens manipulated Portable Document Format (.pdf, PDFPublishing.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash an... Read more

    Affected Products : 3d_visual_enterprise_author
    • Published: Oct. 11, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-38210

    Adobe XMP Toolkit versions 2022.06 is affected by a Uncontrolled Resource Consumption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation... Read more

    • Published: Aug. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-5017

    IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to information beyond their intended role and permissions. IBM X-Force ID: 193653.... Read more

    • Published: Jan. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-38607

    The issue was addressed with improved handling of caches. This issue is fixed in macOS Sonoma 14. An app may be able to modify Printer settings.... Read more

    Affected Products : macos
    • Published: Jan. 10, 2024
    • Modified: Jun. 03, 2025

  • 5.5

    MEDIUM
    CVE-2022-48234

    In FM service , there is a possible missing params check. This could lead to local denial of service in FM service .... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: May. 09, 2023
    • Modified: Jan. 28, 2025

  • 5.5

    MEDIUM
    CVE-2023-38078

    Kofax Power PDF U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this v... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 5.5

    MEDIUM
    CVE-2023-20997

    In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product:... Read more

    Affected Products : android
    • Published: Mar. 24, 2023
    • Modified: Feb. 25, 2025

  • 5.5

    MEDIUM
    CVE-2023-38850

    Buffer Overflow vulnerability in Michaelrsweet codedoc v.3.7 allows an attacker to cause a denial of service via the codedoc.c:1742 comppnent.... Read more

    Affected Products : codedoc
    • Published: Aug. 15, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-5263

    auth0.js (NPM package auth0-js) greater than version 8.0.0 and before version 9.12.3 has a vulnerability. In the case of an (authentication) error, the error object returned by the library contains the original request of the user, which may include the p... Read more

    Affected Products : auth0.js
    • Published: Apr. 09, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-4065

    A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in the Operator Log. This flaw allows an authenticated local attacker to access information outside of their permissio... Read more

    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-0565

    Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10. ... Read more

    Affected Products : froxlor
    • Published: Jan. 29, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-1008

    A vulnerability was found in Twister Antivirus 8.17. It has been rated as problematic. This issue affects the function 0x801120E4 in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has ... Read more

    Affected Products : twister_antivirus
    • Published: Feb. 24, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 294070 Results