Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2016-6720

    An information disclosure vulnerability in libstagefright in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to access data outsid... Read more

    Affected Products : android
    • EPSS Score: %0.11
    • Published: Dec. 13, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2021-1645

    Windows Docker Information Disclosure Vulnerability... Read more

    • EPSS Score: %15.40
    • Published: Jan. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-6721

    An information disclosure vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could ... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-6718

    An elevation of privilege vulnerability in the Account Manager Service in Android 7.0 before 2016-11-01 could enable a local malicious application to retrieve sensitive information without user interaction. This issue is rated as Moderate because it is a ... Read more

    Affected Products : android
    • EPSS Score: %0.05
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-6689

    Binder in the kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30768347.... Read more

    Affected Products : android
    • EPSS Score: %0.80
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-6688

    The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30593080.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-6686

    The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30163101.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2021-1546

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerabilit... Read more

    • EPSS Score: %0.15
    • Published: Sep. 23, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-6683

    The kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30143283.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-6684

    The kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30148243.... Read more

    • EPSS Score: %0.06
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-6677

    The NVIDIA GPU driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30259955.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-6679

    CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes a setwpaie ioctl call, aka Android internal... Read more

    Affected Products : android
    • EPSS Score: %0.11
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-6678

    The Motorola USBNet driver in Android before 2016-10-05 on Nexus 6 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 29914434.... Read more

    Affected Products : android
    • EPSS Score: %0.11
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2021-1450

    A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the ... Read more

    • EPSS Score: %0.06
    • Published: Feb. 24, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-6587

    An Information Disclosure vulnerability exists in the mid.dat file stored on the SD card in Symantec Norton Mobile Security for Android before 3.16, which could let a local malicious user obtain sensitive information.... Read more

    Affected Products : norton_mobile_security
    • EPSS Score: %0.13
    • Published: Jan. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-1519

    A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. The vulnerability is due to insufficient vali... Read more

    Affected Products : anyconnect_secure_mobility_client
    • EPSS Score: %0.05
    • Published: May. 06, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2006-4169

    Multiple directory traversal vulnerabilities in the G/PGP (GPG) Plugin 2.0, and 2.1dev before 20070614, for Squirrelmail allow remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the help parameter to (1) gpg_help... Read more

    Affected Products : gpg_plugin
    • EPSS Score: %0.73
    • Published: Jul. 15, 2007
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2021-1438

    A vulnerability in Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper input validation and authorization of ... Read more

    Affected Products : wide_area_application_services
    • EPSS Score: %0.05
    • Published: May. 06, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-1369

    A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected device. This vulnerability is due to the impro... Read more

    • EPSS Score: %0.53
    • Published: Apr. 29, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-6494

    The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.... Read more

    Affected Products : fedora mongodb
    • EPSS Score: %0.08
    • Published: Oct. 03, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292731 Results