Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2009-0992

    Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. NOTE: the previous information was obtained fr... Read more

    • Published: Apr. 15, 2009
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2017-18449

    cPanel before 64.0.21 allows certain file-rename operations in the context of the root account via scripts/convert_roundcube_mysql2sqlite (SEC-254).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22571

    A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above.... Read more

    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2008-3984

    Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vul... Read more

    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2017-18385

    cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-18360

    In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: Jan. 31, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22467

    A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address.... Read more

    Affected Products : harmonyos
    • Published: Oct. 28, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22479

    The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.... Read more

    Affected Products : harmonyos
    • Published: Feb. 25, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22466

    A component of the HarmonyOS has a Use After Free vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.... Read more

    Affected Products : harmonyos
    • Published: Oct. 28, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22456

    A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.... Read more

    Affected Products : harmonyos
    • Published: Oct. 28, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22462

    A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.... Read more

    Affected Products : harmonyos
    • Published: Oct. 28, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22399

    The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth funct... Read more

    Affected Products : p30_firmware p30
    • Published: Jul. 13, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-18323

    Cryptographic key material leaked in TDSCDMA RRC debug messages in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205,... Read more

    • Published: Jan. 03, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22400

    Some Huawei Smartphones has an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The app can modify specific parameters, causing the system to crash. Affected... Read more

    • Published: Aug. 03, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22424

    A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service.... Read more

    Affected Products : harmonyos
    • Published: Aug. 03, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-18292

    Secure app running in non secure space can restart TZ by calling Widevine app API repeatedly in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/1... Read more

    • Published: Oct. 23, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22366

    There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a function that handles an internal message contains an out-of-bounds read vulnerability. An attacker could c... Read more

    Affected Products : ese620x_vess_firmware ese620x_vess
    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-18300

    Secure display content could be accessed by third party trusted application after creating a fault in other trusted applications in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SDA660.... Read more

    • Published: Oct. 23, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-18237

    An issue was discovered in Exempi before 2.4.3. The PostScript_Support::ConvertToDate function in XMPFiles/source/FormatSupport/PostScript_Support.cpp allows remote attackers to cause a denial of service (invalid pointer dereference and application crash)... Read more

    Affected Products : exempi
    • Published: Mar. 15, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-18257

    The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl.... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 04, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 292818 Results