Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-1369

    A vulnerability was found in TG Soft Vir.IT eXplorer 9.4.86.0. It has been rated as problematic. This issue affects the function 0x82730088 in the library VIRAGTLT.sys of the component IoControlCode Handler. The manipulation leads to denial of service. Th... Read more

    Affected Products : vir.it_explorer viragtlt.sys
    • Published: Mar. 13, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-25771

    An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the abil... Read more

    Affected Products : windows apex_one
    • Published: Sep. 29, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22318

    A component of the HarmonyOS 2.0 has a Null Pointer Dereference Vulnerability. Local attackers may exploit this vulnerability to cause system denial of service.... Read more

    Affected Products : harmonyos
    • Published: Jul. 14, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-39210

    Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow an authenticated user to enable an information disclosure via local access.... Read more

    Affected Products : meeting_software_development_kit
    • Published: Aug. 08, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-20949

    In s2mpg11_pmic_probe of s2mpg11-regulator.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploita... Read more

    Affected Products : android
    • Published: Feb. 15, 2023
    • Modified: Mar. 19, 2025

  • 5.5

    MEDIUM
    CVE-2023-20979

    In GetNextSourceDataPacket of bta_av_co.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitati... Read more

    Affected Products : android
    • Published: Mar. 24, 2023
    • Modified: Feb. 25, 2025

  • 5.5

    MEDIUM
    CVE-2023-21087

    In PreferencesHelper.java, an uncaught exception may cause the device to get stuck in a boot loop. This could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Produc... Read more

    Affected Products : android
    • Published: Apr. 19, 2023
    • Modified: Feb. 05, 2025

  • 5.5

    MEDIUM
    CVE-2023-38466

    In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges... Read more

    Affected Products : android s8000 sc9832e sc9863a t310 t606 t610 t612 t616 t618 +3 more products
    • Published: Sep. 04, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-40719

    A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 - 7.0.8, 7.2.0 - 7.2.3 and 7.4.0 allows an attacker to access Fortinet private testing data via the use of static credentials.... Read more

    Affected Products : fortimanager fortianalyzer
    • Published: Nov. 14, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-21435

    Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log.... Read more

    Affected Products : android android dex
    • Published: Feb. 09, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-41057

    hyper-bump-it is a command line tool for updating the version in project files.`hyper-bump-it` reads a file glob pattern from the configuration file. That is combined with the project root directory to construct a full glob pattern that is used to find fi... Read more

    Affected Products : hyper_bump_it
    • Published: Sep. 04, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-41079

    The issue was addressed with improved permissions logic. This issue is fixed in macOS Sonoma 14. An app may be able to bypass Privacy preferences.... Read more

    Affected Products : macos
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-42081

    PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    • Published: May. 03, 2024
    • Modified: May. 16, 2025

  • 5.5

    MEDIUM
    CVE-2023-42113

    PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    • Published: May. 03, 2024
    • Modified: May. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-20942

    In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges n... Read more

    Affected Products : android
    • Published: Jul. 13, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-21377

    In SELinux Policy, there is a possible restriction bypass due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Oct. 30, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-46017

    SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters.... Read more

    Affected Products : blood_bank
    • Published: Nov. 13, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-3506

    Cross-site Scripting (XSS) - Stored in GitHub repository barrykooij/related-posts-for-wp prior to 2.1.3.... Read more

    Affected Products : related_posts
    • Published: Oct. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-47217

    in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through buffer overflow.... Read more

    Affected Products : openharmony openharmony
    • Published: Nov. 20, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-48360

    in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash through modify a released pointer.... Read more

    Affected Products : openharmony openharmony
    • Published: Jan. 02, 2024
    • Modified: Nov. 21, 2024
Showing 20 of 293639 Results