Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.9

    LOW
    CVE-2020-1987

    An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump". This issue affects Palo Alt... Read more

    Affected Products : globalprotect
    • Published: Apr. 08, 2020
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2021-35549

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris execute... Read more

    Affected Products : solaris solaris
    • Published: Oct. 20, 2021
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2020-2731

    Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the i... Read more

    Affected Products : database database_server
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2023-48184

    QuickJS before 7414e5f has a quickjs.h JS_FreeValueRT use-after-free because of incorrect garbage collection of async functions with closures.... Read more

    Affected Products : quickjs
    • Published: Apr. 23, 2024
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2024-34274

    OpenBD 20210306203917-6cbe797 is vulnerable to Deserialization of Untrusted Data. The cookies bdglobals and bdclient_spot of the OpenBD software uses serialized data, which can be used to execute arbitrary code on the system. NOTE: This vulnerability only... Read more

    Affected Products :
    • Published: May. 21, 2024
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2024-31636

    An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive information via the name parameter of the machd_reader.c component.... Read more

    Affected Products : lief
    • Published: May. 03, 2024
    • Modified: Aug. 21, 2025

  • 3.9

    LOW
    CVE-2023-3363

    An information disclosure issue in Gitlab CE/EE affecting all versions from 13.6 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1, resulted in the Sidekiq log including webhook tokens when the log format wa... Read more

    Affected Products : gitlab
    • Published: Jul. 13, 2023
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2022-24000

    PendingIntent hijacking vulnerability in DataUsageReminderReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent.... Read more

    Affected Products : android dex
    • Published: Feb. 11, 2022
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2025-1693

    The MongoDB Shell may be susceptible to control character injection where an attacker with control over the database cluster contents can inject control characters into the shell output. This may result in the display of falsified messages that appear to ... Read more

    Affected Products : mongosh
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Injection

  • 3.9

    LOW
    CVE-2023-31365

    An integer overflow in the SMU could allow a privileged attacker to potentially write memory beyond the end of the reserved dRAM area resulting in loss of integrity or availability.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 3.9

    LOW
    CVE-2025-1939

    Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability aff... Read more

    Affected Products : firefox
    • Published: Mar. 04, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Misconfiguration

  • 3.9

    LOW
    CVE-2021-46772

    Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption ... Read more

    Affected Products :
    • Published: Aug. 13, 2024
    • Modified: Nov. 05, 2024

  • 3.9

    LOW
    CVE-2024-41511

    A Path Traversal (Local File Inclusion) vulnerability in "BinaryFileRedirector.ashx" in CADClick v1.11.0 and before allows remote attackers to retrieve arbitrary local files via the "path" parameter.... Read more

    Affected Products : cadclick
    • Published: Oct. 04, 2024
    • Modified: Jun. 02, 2025

  • 3.9

    LOW
    CVE-2021-22745

    Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in th... Read more

    • Published: May. 26, 2021
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2021-22744

    Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in th... Read more

    • Published: May. 26, 2021
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2019-5296

    Mate20 Huawei smartphones versions earlier than HMA-AL00C00B175 have an out-of-bounds read vulnerability. An attacker with a high permission runs some specific commands on the smartphone. Due to insufficient input verification, successful exploit may caus... Read more

    Affected Products : mate20_firmware mate20
    • Published: Jun. 04, 2019
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2025-44964

    A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information.... Read more

    Affected Products : bluestacks
    • Published: Aug. 05, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Cryptography

  • 3.9

    LOW
    CVE-2025-53177

    Permission bypass vulnerability in the calendar storage module Impact: Successful exploitation of this vulnerability may affect the schedule syncing function of watches.... Read more

    Affected Products : emui harmonyos
    • Published: Jul. 07, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Authorization

  • 3.9

    LOW
    CVE-2019-2807

    Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Zones). The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure wher... Read more

    Affected Products : solaris solaris
    • Published: Jul. 23, 2019
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2025-0575

    A vulnerability has been found in Union Bank of India Vyom 8.0.34 on Android and classified as problematic. This vulnerability affects unknown code of the component Rooting Detection. The manipulation leads to protection mechanism failure. The attack need... Read more

    Affected Products :
    • Published: Jan. 19, 2025
    • Modified: Jan. 19, 2025
    • Vuln Type: Misconfiguration
Showing 20 of 293608 Results