Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2011-4554

    One Click Orgs before 1.2.3 allows remote authenticated users to trigger crafted SMTP traffic via (1) " (double quote) and newline characters in an org name or (2) " (double quote) characters in an e-mail address, related to a "2nd Order SMTP Injection" i... Read more

    Affected Products : one_click_orgs
    • Published: Dec. 06, 2011
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2022-25804

    An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. Insecure permissions for the serverconfig registry key (under JavaSoft\Prefs\de\igel\rm\config in HKEY_LOCAL_MACHINE\SOFTWARE) allow an unprivileged local attacker to read the ... Read more

    Affected Products : universal_management_suite
    • Published: Jun. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-27500

    Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products : support
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2021-34984

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley ContextCapture 10.18.0.232. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open... Read more

    Affected Products : contextcapture_viewer
    • Published: Jan. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-2789

    Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic.... Read more

    Affected Products : electric\'s_proficy
    • Published: Aug. 19, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-28161

    An information exposure through log file vulnerability in Brocade SANNav versions before Brocade SANnav 2.2.0 could allow an authenticated, local attacker to view sensitive information such as ssh passwords in filetansfer.log in debug mode. To exploit thi... Read more

    Affected Products : sannav sannav
    • Published: May. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-29031

    A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vuln... Read more

    Affected Products : jt2go teamcenter_visualization
    • Published: May. 20, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-1880

    Huawei smartphone Lion-AL00C with versions earlier than 10.0.0.205(C00E202R7P2) have a denial of service vulnerability. An attacker crafted specially file to the affected device. Due to insufficient input validation of the value when executing the file, s... Read more

    Affected Products : lion-al00c_firmware lion-al00c
    • Published: Apr. 27, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-29198

    TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorToCSRSparseMatrix` does not fully validate the input arguments. This results in a `CHECK`-failure w... Read more

    Affected Products : tensorflow
    • Published: May. 20, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-29209

    TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions (e.g., `CHECK_LT`, `CHECK_GT`, etc.) have an incorrect logic when comparing `size_t` and `... Read more

    Affected Products : tensorflow
    • Published: May. 21, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-2079

    X File Explorer (aka xfe) might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares.... Read more

    Affected Products : debian_linux x_file_explorer
    • Published: Jul. 16, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-38411

    Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter deviceName of the API modbusWriter-Reader, which may allow an attacker to ... Read more

    Affected Products : dialink
    • Published: Nov. 03, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-3973

    Comodo Antivirus versions 11.0.0.6582 and below are vulnerable to Denial of Service affecting CmdGuard.sys via its filter port "cmdServicePort". A low privileged process can crash CmdVirth.exe to decrease the port's connection count followed by process ho... Read more

    Affected Products : antivirus
    • Published: Jul. 17, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-39587

    An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_DumpABC() located in abc.c. It allows an attacker to cause Denial of Service.... Read more

    Affected Products : swftools
    • Published: Sep. 20, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-44009

    A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing TIFF files. An attack... Read more

    Affected Products : jt2go teamcenter_visualization
    • Published: Dec. 14, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-6078

    FastStone MaxView 3.0 and 3.1 allows user-assisted attackers to cause a denial of service (application crash) via a malformed BMP image with a crafted biSize field in the BITMAPINFOHEADER section.... Read more

    Affected Products : maxview
    • Published: Feb. 21, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2021-45860

    An integer overflow in DTSStreamReader::findFrame() of tsMuxer git-2678966 allows attackers to cause a Denial of Service (DoS) via a crafted file.... Read more

    Affected Products : tsmuxer
    • Published: Mar. 02, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-41207

    TensorFlow is an open source platform for machine learning. In affected versions the implementation of `ParallelConcat` misses some input validation and can produce a division by 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick thi... Read more

    Affected Products : tensorflow
    • Published: Nov. 05, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-0013

    A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Co... Read more

    Affected Products : cortex_xdr_agent windows
    • Published: Jan. 12, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-38697

    In messaging service, there is a missing permission check. This could lead to access unexpected provider in contacts service with no additional execution privileges needed.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Oct. 14, 2022
    • Modified: May. 15, 2025
Showing 20 of 294522 Results