Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2020-0390

    In the app zygote SE Policy, there is a possible permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Andro... Read more

    Affected Products : android
    • Published: Sep. 17, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-24465

    Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability... Read more

    Affected Products : intune_company_portal
    • Published: Mar. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-40112

    In ippSetValueTag of ipp.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of past print jobs or other print-related information, with no additional execution privileges needed. User i... Read more

    Affected Products : android
    • Published: Feb. 15, 2024
    • Modified: Dec. 13, 2024

  • 5.5

    MEDIUM
    CVE-2023-45240

    Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739.... Read more

    Affected Products : linux_kernel macos windows agent
    • Published: Oct. 05, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-5860

    In the MDSS driver in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, a data structure may be used without being initialized correctly.... Read more

    Affected Products : android
    • Published: Jun. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-22103

    Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).... Read more

    • Published: Jul. 02, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-40637

    In telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Oct. 08, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-40642

    In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed... Read more

    Affected Products : android sc9863a
    • Published: Oct. 08, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-40647

    In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed... Read more

    Affected Products : android sc9863a
    • Published: Oct. 08, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-2984

    In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Oct. 14, 2022
    • Modified: May. 15, 2025

  • 5.5

    MEDIUM
    CVE-2021-46171

    Modex v2.11 was discovered to contain a NULL pointer dereference in set_create_id() at xtract.c.... Read more

    Affected Products : modex
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-10054

    A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application does not properly handle the import of large configuration files. A local attacker could import a specially crafted file which could lead... Read more

    Affected Products : simatic_rtls_locating_manager
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-25807

    An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES key in the LDAPDesPWEncrypter class allows an attacker, who has discovered encrypted LDAP bind credentials, to decrypt those credentials using a static 8-byte D... Read more

    Affected Products : universal_management_suite
    • Published: Jun. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-4688

    Sensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35433.... Read more

    Affected Products : linux_kernel macos windows agent
    • Published: Aug. 31, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-23348

    HCL Launch could disclose sensitive information if a manual edit of a configuration file has been performed. ... Read more

    Affected Products : hcl_launch
    • Published: Jul. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-7495

    A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability during zip file extraction exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause un... Read more

    • Published: Jun. 16, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-47080

    Adobe Substance 3D Stager versions 2.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of t... Read more

    Affected Products : macos windows substance_3d_stager
    • Published: Dec. 13, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-21971

    Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows® system process ID to a kernel-mode driver, resulting in an operating system crash, potentially leading to denial of service.... Read more

    Affected Products :
    • Published: Feb. 12, 2025
    • Modified: Feb. 12, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2021-0616

    In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561389... Read more

    Affected Products : android
    • Published: Oct. 25, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-3343

    A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient ... Read more

    • Published: May. 22, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 293634 Results