Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2019-15380

    The Fly Photo Pro Android device with a build fingerprint of Fly/PhotoPro/Photo_Pro:8.1.0/O11019/1528117003:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any... Read more

    Affected Products : photo_pro_firmware photo_pro
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-23736

    There is a local denial of service vulnerability in DaDa accelerator 5.6.19.816,, attackers can use constructed programs to cause computer crashes (BSOD).... Read more

    Affected Products : dada_accelerator
    • Published: Dec. 03, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-15381

    The BQ 5515L Android device with a build fingerprint of BQru/BQru-5515L/BQru-5515L:8.1.0/O11019/20180409.195525:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows... Read more

    Affected Products : 5515l_firmware 5515l
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-15468

    The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisy_sprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_... Read more

    Affected Products : a2_lite_firmware a2_lite
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-16206

    The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ‘trace’ and the 'debug' logging level; which could allow a local authenticated attacker to access sensitive information.... Read more

    Affected Products : brocade_sannav
    • Published: Nov. 08, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-3923

    The Accessibility services in Android 7.0 before 2016-10-01 mishandle motion events, which allows attackers to conduct touchjacking attacks and consequently gain privileges via a crafted application, aka internal bug 30647115.... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-4025

    Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.... Read more

    • Published: Nov. 03, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2019-7925

    An insecure direct object reference (IDOR) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an administrator with limited privileges to delete the downloadable products f... Read more

    Affected Products : magento
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-19894

    In IXP EasyInstall 6.2.13723, it is possible to temporarily disable UAC by using the Agent Service on a client system. An authenticated attacker (non-admin) can disable UAC for other users by renaming and replacing %SYSTEMDRIVE%\IXP\DATA\IXPAS.IXP.... Read more

    Affected Products : easyinstall
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-0020

    In getAttributeRange of ExifInterface.java, there is a possible failure to redact location information from media files due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interacti... Read more

    Affected Products : android
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-35924

    An issue was discovered in the try-mutex crate before 0.3.0 for Rust. TryMutex<T> allows cross-thread sending of a non-Send type.... Read more

    Affected Products : try-mutex
    • Published: Dec. 31, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-2709

    HiGame with software earlier than 7.3.0 versions, SkyTone with software earlier than 8.1.1 versions have a DoS Vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, the attacker can send malformed packets to ... Read more

    Affected Products : skytone higame
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2020-0284

    In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions... Read more

    Affected Products : android
    • Published: Sep. 18, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-0315

    In Zen Mode, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11A... Read more

    Affected Products : android
    • Published: Sep. 18, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-0372

    In ActivityManager, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: An... Read more

    Affected Products : android
    • Published: Sep. 17, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-4491

    IBM Spectrum Scale V4.2.0.0 through V4.2.3.22 and V5.0.0.0 through V5.0.5 could allow a local attacker to cause a denial of service by sending a large number of RPC requests to the mmfsd daemon which would cause the service to crash. IBM X-Force ID: 18199... Read more

    Affected Products : spectrum_scale
    • Published: Oct. 20, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-5961

    NVIDIA vGPU graphics driver for guest OS contains a vulnerability in which an incorrect resource clean up on a failure path can impact the guest VM, leading to denial of service.... Read more

    • Published: Mar. 12, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-6015

    Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations.... Read more

    Affected Products : endpoint_security
    • Published: Nov. 05, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-5349

    The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to legitimate memory ranges related to the QSEE secure applic... Read more

    Affected Products : android
    • Published: Apr. 06, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-33895

    In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 t618 +4 more products
    • Published: Jul. 12, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 294717 Results