Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2020-5961

    NVIDIA vGPU graphics driver for guest OS contains a vulnerability in which an incorrect resource clean up on a failure path can impact the guest VM, leading to denial of service.... Read more

    • Published: Mar. 12, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-6015

    Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations.... Read more

    Affected Products : endpoint_security
    • Published: Nov. 05, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-5349

    The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to legitimate memory ranges related to the QSEE secure applic... Read more

    Affected Products : android
    • Published: Apr. 06, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-33895

    In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 t618 +4 more products
    • Published: Jul. 12, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-5620

    Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality and integrity via ... Read more

    Affected Products : flexcube_universal_banking
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2023-33898

    In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jul. 12, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-14895

    Vulnerability in the Oracle Utilities Framework product of Oracle Utilities Applications (component: System Wide). Supported versions that are affected are 2.2.0.0.0, 4.2.0.2.0, 4.2.0.3.0, 4.3.0.1.0 - 4.3.0.6.0, 4.4.0.0.0 and 4.4.0.2.0. Easily exploitable... Read more

    Affected Products : utilities_framework
    • Published: Oct. 21, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-0313

    In NotificationManagerService, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVer... Read more

    Affected Products : android
    • Published: Sep. 18, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-15472

    The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisy_sprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, vers... Read more

    Affected Products : a2_lite_firmware a2_lite
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-15368

    AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3.... Read more

    Affected Products : rgb_driver_firmware rgb_driver
    • Published: Jun. 29, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-33901

    In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jul. 12, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-25392

    Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1 allows local attackers to get sensitive information via changing the path.... Read more

    Affected Products : android dex
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-25405

    An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files.... Read more

    Affected Products : notes
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-25456

    OOB read vulnerability in libswmfextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute memcpy at arbitrary address via forged wmf file.... Read more

    Affected Products : android dex
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46169

    Modex v2.11 was discovered to contain an Use-After-Free vulnerability via the component tcache.... Read more

    Affected Products : modex
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46484

    Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_IncrRefCount in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).... Read more

    Affected Products : jsish
    • Published: Jan. 27, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-26257

    Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denial of service via local access.... Read more

    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2021-46517

    There is an Assertion `mjs_stack_size(&mjs->scopes) > 0' failed at src/mjs_exec.c in Cesanta MJS v2.20.0.... Read more

    Affected Products : mjs
    • Published: Jan. 27, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-15729

    An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x8000204B.... Read more

    Affected Products : antimalware
    • Published: Jun. 21, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-15749

    The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability.... Read more

    • Published: Sep. 06, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 294307 Results