Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-1719

    Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of executing a malicious javascript code in web page... Read more

    Affected Products : trudesk
    • Published: Sep. 29, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-41525

    An issue related to modification of otherwise restricted files through a locally authenticated attacker exists in FlexNet inventory agent and inventory beacon versions 2020 R2.5 and prior.... Read more

    • Published: Sep. 21, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-15583

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. StickerProvider allows directory traversal for access to system files. The Samsung ID is SVE-2020-17665 (July 2020).... Read more

    Affected Products : android
    • Published: Jul. 07, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-5136

    An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file.... Read more

    • Published: Nov. 08, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-45947

    Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and InitDataSegments).... Read more

    Affected Products : wasm3
    • Published: Jan. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-45864

    tsMuxer git-c6a0277 was discovered to contain a segmentation fault via DTSStreamReader::findFrame in dtsStreamReader.cpp.... Read more

    Affected Products : tsmuxer
    • Published: Mar. 02, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-45928

    libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup (called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallState<jxl::FrameDecoder::ProcessSecti... Read more

    Affected Products : libjxl
    • Published: Jan. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20051

    In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6833 mt6853 mt6853t mt6873 mt6875 mt6877 +53 more products
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46485

    Jsish v3.5.0 was discovered to contain a SEGV vulnerability via Jsi_ValueIsNumber at src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).... Read more

    Affected Products : jsish
    • Published: Jan. 27, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20146

    In uploadFile of FileUploadServiceImpl.java, there is a possible incorrect file access due to a confused deputy. This could lead to local information disclosure of private files with no additional execution privileges needed. User interaction is not neede... Read more

    Affected Products : android
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46537

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x9a30e. This vulnerability can lead to a Denial of Service (DoS).... Read more

    Affected Products : mjs
    • Published: Jan. 27, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20323

    In PackageManager, there is a possible package installation disclosure due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: Andro... Read more

    Affected Products : android
    • Published: Aug. 12, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46748

    Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service.... Read more

    • Published: Nov. 14, 2023
    • Modified: Feb. 13, 2025

  • 5.5

    MEDIUM
    CVE-2023-27338

    PDF-XChange Editor TIF File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit ... Read more

    • Published: May. 03, 2024
    • Modified: May. 19, 2025

  • 5.5

    MEDIUM
    CVE-2021-22525

    This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1... Read more

    Affected Products : access_manager
    • Published: Sep. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-0020

    In onActivityResult of NotificationSoundPreference.java, there is a possible way to hear audio files belonging to a different user due to a confused deputy. This could lead to local information disclosure across users of a device with no additional execut... Read more

    Affected Products : android
    • Published: Feb. 16, 2024
    • Modified: Mar. 19, 2025

  • 5.5

    MEDIUM
    CVE-2022-20527

    In HalCoreCallback of halcore.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC firmware with no additional execution privileges needed. User interaction is not needed fo... Read more

    Affected Products : android
    • Published: Dec. 16, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2022-37347

    Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This... Read more

    Affected Products : security windows
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 5.5

    MEDIUM
    CVE-2022-37373

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious fil... Read more

    • Published: Mar. 29, 2023
    • Modified: Nov. 27, 2024

  • 5.5

    MEDIUM
    CVE-2024-39322

    aimeos/ai-admin-jsonadm is the Aimeos e-commerce JSON API for administrative tasks. In versions prior to 2020.10.13, 2021.10.6, 2022.10.3, 2023.10.4, and 2024.4.2, improper access control allows editors to remove admin group and locale configuration in th... Read more

    Affected Products : ai-controller-frontend
    • Published: Jul. 02, 2024
    • Modified: Nov. 21, 2024
Showing 20 of 293632 Results