Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-20413

    In start of Threads.cpp, there is a possible way to record audio during a phone call due to a logic error in the code. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.P... Read more

    Affected Products : android
    • Published: Oct. 11, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-32639

    Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker.... Read more

    Affected Products : applicant_programme
    • Published: Jul. 25, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-30935

    In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jul. 12, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-7945

    Local registry credentials were included directly in the CD4PE deployment definition, which could expose these credentials to users who should not have access to them. This is resolved in Continuous Delivery for Puppet Enterprise 4.0.1.... Read more

    Affected Products : continuous_delivery
    • Published: Sep. 18, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-7422

    Buffer overflow in IBM i Access 7.1 on Windows allows local users to cause a denial of service (application crash) via unspecified vectors.... Read more

    Affected Products : windows i_access
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2023-20597

    Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.... Read more

    • Published: Sep. 20, 2023
    • Modified: Jun. 27, 2025

  • 5.5

    MEDIUM
    CVE-2023-30728

    Intent redirection vulnerability in PackageInstallerCHN prior to version 13.1.03.00 allows local attacker to access arbitrary file. This vulnerability requires user interaction.... Read more

    Affected Products : packageinstallerchn
    • Published: Sep. 06, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-38438

    In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges... Read more

    • Published: Sep. 04, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40833

    A vulnerability affecting F-Secure antivirus engine was discovered whereby unpacking UPX file can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus ... Read more

    • Published: Nov. 26, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-8223

    Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) by leveraging camera permissions and via crafted input to the camera driver.... Read more

    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2020-9146

    A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios.... Read more

    Affected Products : emui magic_ui
    • Published: Apr. 01, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-8716

    Improper access control for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service via local access.... Read more

    • Published: Aug. 13, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-33119

    Improper access control in the Intel(R) RealSense(TM) DCM before version 20210625 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products : realsense_depth_camera_manager
    • Published: Feb. 09, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2024-2760

    Bkav Home v7816, build 2403161130 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x222240 IOCTL code of the BkavSDFlt.sys driver.... Read more

    Affected Products :
    • Published: Apr. 23, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-0698

    In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.P... Read more

    Affected Products : android
    • Published: Aug. 24, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46623

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a maliciou... Read more

    Affected Products : microstation view
    • Published: Feb. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-4431

    Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3 does not properly prevent access to blocks, which allows remote authenticated users to modify arbitrary blocks via the bock id in an edit request.... Read more

    Affected Products : mahara
    • Published: May. 19, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2023-30084

    An issue found in libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the stackVal function in util/decompile.c.... Read more

    Affected Products : libming
    • Published: May. 09, 2023
    • Modified: Jan. 29, 2025

  • 5.5

    MEDIUM
    CVE-2022-47493

    In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: May. 09, 2023
    • Modified: Jan. 28, 2025

  • 5.5

    MEDIUM
    CVE-2011-4717

    Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command.... Read more

    Affected Products : zftpserver_suite
    • Published: Dec. 20, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 293669 Results