Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.4

    LOW
    CVE-2022-41603

    The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.01
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 3.4

    LOW
    CVE-2022-41601

    The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.01
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 3.4

    LOW
    CVE-2022-41602

    The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.01
    • Published: Oct. 14, 2022
    • Modified: Nov. 21, 2024

  • 3.4

    LOW
    CVE-2024-20038

    In pq, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08495932; Issue ID: ALP... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6835 mt6853 mt6855 mt6873 +21 more products
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 3.4

    LOW
    CVE-2016-3484

    Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : database database_server
    • EPSS Score: %0.12
    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025

  • 3.4

    LOW
    CVE-2023-37900

    Crossplane is a framework for building cloud native control planes without needing to write code. In versions prior to 1.11.5, 1.12.3, and 1.13.0, a high-privileged user could create a Package referencing an arbitrarily large image containing that Crosspl... Read more

    Affected Products : crossplane crossplane
    • EPSS Score: %0.06
    • Published: Jul. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.4

    LOW
    CVE-2024-3568

    The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_repo_checkpoint()` function of the `TFPreTrainedModel()` class. Attackers can execute arbitrary code and commands by ... Read more

    Affected Products : transformers
    • Published: Apr. 10, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-32268

    An issue in Tuya Smart camera U6N v.3.2.5 allows a remote attacker to cause a denial of service via a crafted packet to the network connection component.... Read more

    Affected Products :
    • Published: Apr. 29, 2024
    • Modified: Feb. 10, 2025

  • 3.3

    LOW
    CVE-2023-27502

    Insertion of sensitive information into log file for some Intel(R) Local Manageability Service software before version 2316.5.1.2 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Mar. 14, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-0257

    RoboDK v5.5.4 is vulnerable to heap-based buffer overflow while processing a specific project file. The resulting memory corruption may crash the application. ... Read more

    Affected Products : robodk
    • Published: Apr. 17, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-25196

    Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_controller process. This vulnerability is triggerd via sending a crafted .yaml file.... Read more

    • Published: Feb. 20, 2024
    • Modified: Apr. 02, 2025

  • 3.3

    LOW
    CVE-2024-1591

    Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues.... Read more

    Affected Products : privilege_management_for_windows
    • Published: Feb. 16, 2024
    • Modified: Feb. 07, 2025

  • 3.3

    LOW
    CVE-2020-14329

    A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can be exposed from the /api/v2/labels/ endpoint. This flaw allows users from other organizations in the system to retrieve any label from the organization and ... Read more

    Affected Products : ansible_tower
    • EPSS Score: %0.04
    • Published: May. 27, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-54125

    Improper authorization in handler for custom URL scheme issue in "Shonen Jump+" App for Android versions prior to 4.0.0 allows an attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a... Read more

    Affected Products :
    • Published: Dec. 17, 2024
    • Modified: Dec. 17, 2024

  • 3.3

    LOW
    CVE-2020-14328

    A flaw was found in Ansible Tower in versions before 3.7.2. A Server Side Request Forgery flaw can be abused by supplying a URL which could lead to the server processing it connecting to internal services or exposing additional internal services and more ... Read more

    Affected Products : ansible_tower
    • EPSS Score: %0.04
    • Published: May. 27, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-22294

    A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources.... Read more

    Affected Products : harmonyos
    • EPSS Score: %0.02
    • Published: Mar. 02, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-10698

    A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the stdout of the executed jobs which are run from other organizations. Some sensible data can be disclosed. However, critical data should not be disclosed, as it ... Read more

    Affected Products : ansible_tower
    • EPSS Score: %0.04
    • Published: May. 27, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-3588

    The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.... Read more

    Affected Products : bluez
    • EPSS Score: %0.04
    • Published: Jun. 10, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-5899

    When Bazel Plugin in intellij imports a project (either using "import project" or "Auto import") the dialog for trusting the project is not displayed. This comes from the fact that both call the method ProjectBuilder.createProject which then calls Project... Read more

    • Published: Jun. 18, 2024
    • Modified: Jul. 23, 2025

  • 3.3

    LOW
    CVE-2007-5207

    guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file.... Read more

    Affected Products : guilt
    • EPSS Score: %0.03
    • Published: Oct. 04, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 291616 Results