Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2021-25026

    The Patreon WordPress plugin before 1.8.2 does not sanitise and escape the field "Custom Patreon Page name", which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed... Read more

    Affected Products : patreon_wordpress
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-20859

    Improper access control vulnerability in FactoryCamera prior to SMR May-2024 Release 1 allows local attackers to take pictures without privilege.... Read more

    Affected Products : android android dex
    • Published: May. 07, 2024
    • Modified: Feb. 10, 2025

  • 5.5

    MEDIUM
    CVE-2024-20875

    Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary files.... Read more

    Affected Products : android android dex
    • Published: Jun. 04, 2024
    • Modified: Feb. 10, 2025

  • 5.5

    MEDIUM
    CVE-2023-52384

    Double-free vulnerability in the RSMC module Impact: Successful exploitation of this vulnerability will affect availability.... Read more

    Affected Products : emui harmonyos
    • Published: May. 14, 2024
    • Modified: Dec. 09, 2024

  • 5.5

    MEDIUM
    CVE-2024-1193

    A vulnerability was found in Navicat 12.0.29. It has been rated as problematic. This issue affects some unknown processing of the component MySQL Conecction Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The expl... Read more

    Affected Products : navicat
    • Published: Feb. 02, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-44426

    In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 04, 2023
    • Modified: Apr. 10, 2025

  • 5.5

    MEDIUM
    CVE-2022-38496

    LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp.... Read more

    Affected Products : lief
    • Published: Sep. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-20823

    Implicit intent hijacking vulnerability in SamsungAccount of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.... Read more

    Affected Products : galaxy_store
    • Published: Feb. 06, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-39116

    In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 04, 2023
    • Modified: Apr. 10, 2025

  • 5.5

    MEDIUM
    CVE-2017-8891

    Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads.... Read more

    Affected Products : lepton
    • Published: May. 10, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-39113

    In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Oct. 14, 2022
    • Modified: May. 15, 2025

  • 5.5

    MEDIUM
    CVE-2024-27343

    Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit th... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Apr. 03, 2024
    • Modified: Jun. 03, 2025

  • 5.5

    MEDIUM
    CVE-2024-51517

    Vulnerability of improper memory access in the phone service module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Nov. 05, 2024
    • Modified: Nov. 06, 2024

  • 5.5

    MEDIUM
    CVE-2024-29782

    In tmu_get_tr_num_thresholds of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Apr. 05, 2024
    • Modified: Jun. 17, 2025

  • 5.5

    MEDIUM
    CVE-2018-9544

    In register_app of btif_hd.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed fo... Read more

    Affected Products : android
    • Published: Nov. 14, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-40774

    An issue was discovered in Bento4 through 1.6.0-639. There is a NULL pointer dereference in AP4_StszAtom::GetSampleSize.... Read more

    Affected Products : bento4
    • Published: Sep. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-26718

    KIS for macOS in some use cases was vulnerable to AV bypass that potentially allowed an attacker to disable anti-virus protection.... Read more

    Affected Products : internet_security
    • Published: Apr. 01, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-28666

    DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/media_add.php... Read more

    Affected Products : dedecms
    • Published: Mar. 13, 2024
    • Modified: Apr. 01, 2025

  • 5.5

    MEDIUM
    CVE-2022-4104

    A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service.... Read more

    Affected Products : lepton
    • Published: Nov. 28, 2022
    • Modified: Apr. 14, 2025

  • 5.5

    MEDIUM
    CVE-2024-29952

    A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow an authenticated user to print the Auth, Priv, and SSL key store passwords in unencrypted logs by manipulating command variables. ... Read more

    Affected Products : brocade_sannav
    • Published: Apr. 17, 2024
    • Modified: Feb. 04, 2025
Showing 20 of 293634 Results