Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2019-15383

    The Allview X5 Android device with a build fingerprint of ALLVIEW/X5_Soul_Mini/X5_Soul_Mini:8.1.0/O11019/1522468763:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) th... Read more

    Affected Products : soul_x5_firmware soul_x5
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-27863

    An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. A local attacker may be able to determine kernel... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Jul. 29, 2024
    • Modified: Mar. 25, 2025

  • 5.5

    MEDIUM
    CVE-2019-15373

    The Symphony i95 Lite Android device with a build fingerprint of LAVA/iris88_lite/iris88_lite:8.1.0/O11019/1536323070:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that ... Read more

    Affected Products : i95_lite_firmware i95_lite
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26160

    Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability... Read more

    • Published: Mar. 12, 2024
    • Modified: Dec. 27, 2024

  • 5.5

    MEDIUM
    CVE-2019-15369

    The Lava Z61 Turbo Android device with a build fingerprint of LAVA/Z61_Turbo/Z61_Turbo:8.1.0/O11019/1536917928:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows ... Read more

    Affected Products : z61_turbo_firmware z61_turbo
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-15368

    The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allow... Read more

    Affected Products : mega_5_firmware mega_5
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-23770

    darkhttpd through 1.15 allows local users to discover credentials (for --auth) by listing processes and their arguments.... Read more

    Affected Products : darkhttpd
    • Published: Jan. 22, 2024
    • Modified: May. 30, 2025

  • 5.5

    MEDIUM
    CVE-2024-23224

    The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.3, macOS Ventura 13.6.4. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Jan. 23, 2024
    • Modified: Jun. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-22368

    The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on merged cells.... Read more

    Affected Products : spreadsheet\
    • Published: Jan. 09, 2024
    • Modified: Jun. 03, 2025

  • 5.5

    MEDIUM
    CVE-2019-15363

    The Leagoo Power 5 Android device with a build fingerprint of LEAGOO/Power_5/Power_5:8.1.0/O11019/1532686195:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows an... Read more

    Affected Products : power_5_firmware power_5
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-15353

    The Coolpad N3C Android device with a build fingerprint of Coolpad/N3C/N3C:8.1.0/O11019/1538236809:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-l... Read more

    Affected Products : n3c_firmware n3c
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-20737

    After Effects versions 24.1, 23.6.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this i... Read more

    Affected Products : macos windows after_effects
    • Published: Apr. 10, 2024
    • Modified: Dec. 05, 2024

  • 5.5

    MEDIUM
    CVE-2024-20734

    Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation... Read more

    • Published: Feb. 15, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-20694

    Windows CoreMessaging Information Disclosure Vulnerability... Read more

    • Published: Jan. 09, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-1816

    An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows for an attacker to cause a denial of service using a crafted OpenA... Read more

    Affected Products : gitlab
    • Published: Jun. 27, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-0911

    A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted file to trigger a heap-based buffer overflow, causing the application to crash.... Read more

    Affected Products : indent
    • Published: Feb. 06, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-0684

    A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.... Read more

    Affected Products : coreutils
    • Published: Feb. 06, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-15359

    The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-loc... Read more

    Affected Products : a6_firmware a6
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-15360

    The Hisense U965 Android device with a build fingerprint of Hisense/U965_4G_10/HS6739MT:8.1.0/O11019/Hisense_U965_4G_10_S01:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0)... Read more

    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-48635

    Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as A... Read more

    Affected Products : macos windows after_effects
    • Published: Dec. 13, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 292767 Results