Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.9

    LOW
    CVE-2022-39403

    Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MyS... Read more

    Affected Products : mysql mysql_server
    • Published: Oct. 18, 2022
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2021-26387

    Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.... Read more

    Affected Products :
    • Published: Aug. 13, 2024
    • Modified: Oct. 30, 2024

  • 3.9

    LOW
    CVE-2020-1987

    An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump". This issue affects Palo Alt... Read more

    Affected Products : globalprotect
    • Published: Apr. 08, 2020
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2023-47282

    Out-of-bounds write in Intel(R) Media SDK all versions and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: May. 16, 2024
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2020-14264

    "HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the included MobileIron AppConnect SDK"... Read more

    Affected Products : traveler_companion
    • Published: Oct. 25, 2021
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2020-14263

    "HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the included MobileIron AppConnect SDK"... Read more

    Affected Products : traveler_companion
    • Published: Oct. 21, 2021
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2024-12970

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TUBITAK BILGEM Pardus OS My Computer allows OS Command Injection.This issue affects Pardus OS My Computer: before 0.7.2.... Read more

    Affected Products : liderahenk parduslinux
    • Published: Jan. 06, 2025
    • Modified: Jan. 06, 2025
    • Vuln Type: Injection

  • 3.9

    LOW
    CVE-2025-0575

    A vulnerability has been found in Union Bank of India Vyom 8.0.34 on Android and classified as problematic. This vulnerability affects unknown code of the component Rooting Detection. The manipulation leads to protection mechanism failure. The attack need... Read more

    Affected Products :
    • Published: Jan. 19, 2025
    • Modified: Jan. 19, 2025
    • Vuln Type: Misconfiguration

  • 3.9

    LOW
    CVE-2024-27086

    The MSAL library enabled acquisition of security tokens to call protected APIs. MSAL.NET applications targeting Xamarin Android and .NET Android (e.g., MAUI) using the library from versions 4.48.0 to 4.60.0 are impacted by a low severity vulnerability. ... Read more

    Affected Products :
    • Published: Apr. 16, 2024
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2023-37540

    Sametime Connect desktop chat client includes, but does not use or require, the use of an Eclipse feature called Secure Storage. Using this Eclipse feature to store sensitive data can lead to exposure of that data. ... Read more

    Affected Products :
    • Published: Feb. 23, 2024
    • Modified: Nov. 29, 2024

  • 3.9

    LOW
    CVE-2015-0849

    pycode-browser before version 1.0 is prone to a predictable temporary file vulnerability.... Read more

    Affected Products : pycode-browser
    • Published: Jun. 26, 2025
    • Modified: Aug. 06, 2025

  • 3.9

    LOW
    CVE-2018-20896

    cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394).... Read more

    Affected Products : cpanel
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2020-2731

    Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the i... Read more

    Affected Products : database database_server
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2021-22742

    Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in th... Read more

    • Published: May. 26, 2021
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2019-9700

    Norton Password Manager, prior to 6.3.0.2082, may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the source of network traffic.... Read more

    • Published: Jul. 16, 2019
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2021-25266

    An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.349... Read more

    Affected Products : intercept_x authenticator
    • Published: Apr. 27, 2022
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2022-1230

    This vulnerability allows local attackers to execute arbitrary code on affected installations of Samsung Galaxy S21 prior to 4.5.40.5 phones. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit... Read more

    Affected Products : galaxy_s21_firmware galaxy_s21
    • Published: Mar. 28, 2023
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2019-0127

    Logic error in the installer for Intel(R) OpenVINO(TM) 2018 R3 and before for Linux may allow a privileged user to potentially enable information disclosure via local access.... Read more

    Affected Products : linux_kernel openvino
    • Published: Feb. 18, 2019
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2022-23999

    PendingIntent hijacking vulnerability in CpaReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent.... Read more

    Affected Products : android dex
    • Published: Feb. 11, 2022
    • Modified: Nov. 21, 2024

  • 3.9

    LOW
    CVE-2017-5686

    The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version SY0059 may allow may allow an attacker with physical access to the system to gain access to personal information.... Read more

    • Published: Apr. 03, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293934 Results