Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.9

    LOW
    CVE-2025-53177

    Permission bypass vulnerability in the calendar storage module Impact: Successful exploitation of this vulnerability may affect the schedule syncing function of watches.... Read more

    Affected Products : emui harmonyos
    • Published: Jul. 07, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Authorization

  • 3.9

    LOW
    CVE-2024-41811

    ipl/web is a set of common web components for php projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. (CSRF). All affected products, in any version, will be unaffected by this once... Read more

    Affected Products :
    • Published: Aug. 05, 2024
    • Modified: Aug. 06, 2024

  • 3.9

    LOW
    CVE-2017-5684

    The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information.... Read more

    Affected Products : stk2mv64cc_bios stk2mv64cc
    • Published: Apr. 03, 2017
    • Modified: Apr. 20, 2025

  • 3.9

    LOW
    CVE-2017-5685

    The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information.... Read more

    Affected Products : nuc6i7kyk_bios nuc6i7kyk
    • Published: Apr. 03, 2017
    • Modified: Apr. 20, 2025

  • 3.9

    LOW
    CVE-2020-36314

    fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this... Read more

    Affected Products : fedora file-roller
    • Published: Apr. 07, 2021
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2023-31365

    An integer overflow in the SMU could allow a privileged attacker to potentially write memory beyond the end of the reserved dRAM area resulting in loss of integrity or availability.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 3.9

    LOW
    CVE-2025-1939

    Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability aff... Read more

    Affected Products : firefox
    • Published: Mar. 04, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Misconfiguration

  • 3.9

    LOW
    CVE-2018-20896

    cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394).... Read more

    Affected Products : cpanel
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2015-0849

    pycode-browser before version 1.0 is prone to a predictable temporary file vulnerability.... Read more

    Affected Products : pycode-browser
    • Published: Jun. 26, 2025
    • Modified: Aug. 06, 2025

  • 3.9

    LOW
    CVE-2023-6690

    A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on transferred repositories by making a GraphQL mutation to alter repository permissions during the transfer. This vulnerability affected GitHub Enterprise Serv... Read more

    Affected Products : enterprise_server
    • Published: Dec. 21, 2023
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2023-40732

    A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application does not invalidate the session token on logout. This could allow an attacker to perform session hijacking attacks.... Read more

    Affected Products : qms_automotive
    • Published: Sep. 12, 2023
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2024-6294

    udn News Android APP stores the user session in logcat file when user log into the APP. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by ... Read more

    Affected Products :
    • Published: Jun. 25, 2024
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2025-1693

    The MongoDB Shell may be susceptible to control character injection where an attacker with control over the database cluster contents can inject control characters into the shell output. This may result in the display of falsified messages that appear to ... Read more

    Affected Products : mongosh
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Injection

  • 3.9

    LOW
    CVE-2021-35549

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris execute... Read more

    Affected Products : solaris solaris
    • Published: Oct. 20, 2021
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2024-12970

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TUBITAK BILGEM Pardus OS My Computer allows OS Command Injection.This issue affects Pardus OS My Computer: before 0.7.2.... Read more

    Affected Products : liderahenk parduslinux
    • Published: Jan. 06, 2025
    • Modified: Jan. 06, 2025
    • Vuln Type: Injection

  • 3.9

    LOW
    CVE-2022-21298

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Install). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris execute... Read more

    Affected Products : solaris solaris
    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2023-3363

    An information disclosure issue in Gitlab CE/EE affecting all versions from 13.6 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1, resulted in the Sidekiq log including webhook tokens when the log format wa... Read more

    Affected Products : gitlab
    • Published: Jul. 13, 2023
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2019-2955

    Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logo... Read more

    Affected Products : database database_server
    • Published: Oct. 16, 2019
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2019-2954

    Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedur... Read more

    Affected Products : database database_server
    • Published: Oct. 16, 2019
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2020-1987

    An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump". This issue affects Palo Alt... Read more

    Affected Products : globalprotect
    • Published: Apr. 08, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 293634 Results