Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-42774

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 t618 +4 more products
    • Published: Dec. 06, 2022
    • Modified: Apr. 23, 2025

  • 5.5

    MEDIUM
    CVE-2023-23434

    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. ... Read more

    Affected Products : honorboardapp
    • Published: Dec. 29, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-0430

    IObit Malware Fighter v11.0.0.1274 is vulnerable to a Denial of Service vulnerability by triggering the 0x8001E00C IOCTL code of the ImfHpRegFilter.sys driver.... Read more

    Affected Products : malware_fighter
    • Published: Jan. 22, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-43756

    in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read. ... Read more

    Affected Products : openharmony openharmony
    • Published: Feb. 02, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-1185

    A vulnerability classified as problematic has been found in Nsasoft NBMonitor Network Bandwidth Monitor 1.6.5.0. This affects an unknown part of the component Registration Handler. The manipulation leads to denial of service. The attack needs to be approa... Read more

    Affected Products : network_bandwidth_monitor
    • Published: Feb. 02, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-1002206

    SharpCompress before 0.21.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.... Read more

    Affected Products : sharpcompress
    • Published: Jul. 25, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-1002208

    SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.... Read more

    Affected Products : sharpziplib
    • Published: Jul. 25, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-42392

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious fil... Read more

    • Published: Jan. 26, 2023
    • Modified: Nov. 27, 2024

  • 5.5

    MEDIUM
    CVE-2023-21442

    Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12) allows local attackers to get device location information.... Read more

    Affected Products : android
    • Published: Feb. 09, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-34376

    Dell PowerEdge BIOS and Dell Precision BIOS contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM. ... Read more

    • Published: Feb. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-1560

    A vulnerability, which was classified as problematic, has been found in TinyTIFF 3.0.0.0. This issue affects some unknown processing of the file tinytiffreader.c of the component File Handler. The manipulation leads to buffer overflow. Attacking locally i... Read more

    Affected Products : tinytiff
    • Published: Mar. 22, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-1575

    The Mega Main Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via some of its settings parameters in versions up to, and including, 2.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authent... Read more

    Affected Products : mega_main_menu
    • Published: Mar. 29, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-43610

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ... Read more

    Affected Products : coreldraw
    • Published: Mar. 29, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48375

    In contacts service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: May. 09, 2023
    • Modified: Jan. 28, 2025

  • 5.5

    MEDIUM
    CVE-2006-5331

    The altivec_unavailable_exception function in arch/powerpc/kernel/traps.c in the Linux kernel before 2.6.19 on 64-bit systems mishandles the case where CONFIG_ALTIVEC is defined and the CPU actually supports Altivec, but the Altivec support was not detect... Read more

    Affected Products : linux_kernel
    • Published: Oct. 29, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-2863

    A vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SQLite Database. The manipulation leads to cleartext storage in ... Read more

    Affected Products : diary_with_lock\
    • Published: May. 24, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-21240

    In Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. ... Read more

    Affected Products : android
    • Published: Jul. 13, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-27947

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory.... Read more

    Affected Products : macos
    • Published: Aug. 14, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-22024

    In the Unbreakable Enterprise Kernel (UEK), the RDS module in UEK has two setsockopt(2) options, RDS_CONN_RESET and RDS6_CONN_RESET, that are not re-entrant. A malicious local user with CAP_NET_ADMIN can use this to crash the kernel. CVSS 3.1 Base Score ... Read more

    Affected Products : linux vm_server
    • Published: Sep. 20, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-40422

    The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14. An app may be able to cause a denial-of-service.... Read more

    Affected Products : macos
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 293633 Results