Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2016-4516

    ABB PCM600 before 2.7 improperly stores the main application password after a password change, which allows local users to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : pcm600
    • EPSS Score: %0.05
    • Published: Jun. 10, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2022-20318

    In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. U... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Aug. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-20316

    In ContentResolver, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. Us... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Aug. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-4691

    Memory leak in Siemens Automation License Manager (ALM) 4.x and 5.x before 5.2 allows remote attackers to cause a denial of service (memory consumption) via crafted packets.... Read more

    • EPSS Score: %0.10
    • Published: Dec. 18, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2009-4454

    vccleaner in VideoCache 1.9.2 allows local users with Squid proxy user privileges to overwrite arbitrary files via a symlink attack on /var/log/videocache/vccleaner.log.... Read more

    Affected Products : videocache
    • EPSS Score: %0.06
    • Published: Dec. 29, 2009
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2012-4610

    EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging "network access" to the proxy client.... Read more

    Affected Products : avamar
    • EPSS Score: %0.18
    • Published: Oct. 31, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-1945

    ruby193 uses an insecure LD_LIBRARY_PATH setting.... Read more

    Affected Products : ruby193
    • EPSS Score: %0.11
    • Published: Oct. 31, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2003-1366

    chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information.... Read more

    Affected Products : openbsd
    • EPSS Score: %0.21
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 3.3

    LOW
    CVE-2018-5552

    Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contains a hard-coded cryptographic salt, "S@l+&pepper".... Read more

    Affected Products : dtisqlinstaller
    • EPSS Score: %0.02
    • Published: Mar. 19, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-0183

    Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    • EPSS Score: %0.05
    • Published: Jun. 13, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-15100

    In freewvs before 0.1.1, a user could create a large file that freewvs will try to read, which will terminate a scan process. This has been patched in 0.1.1.... Read more

    Affected Products : freewvs
    • EPSS Score: %0.06
    • Published: Jul. 14, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-5506

    Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware allows local users to affect confidentiality and integrity via vectors related to App Server.... Read more

    Affected Products : identity_manager
    • EPSS Score: %0.11
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-5508

    Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 4.3 allows local users to affect confidentiality via vectors related to Cluster Geo.... Read more

    Affected Products : solaris_cluster
    • EPSS Score: %0.05
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2015-2263

    Cloudera Manager 4.x, 5.0.x before 5.0.6, 5.1.x before 5.1.5, 5.2.x before 5.2.5, and 5.3.x before 5.3.3 uses global read permissions for files in its configuration directory when starting YARN NodeManager, which allows local users to obtain sensitive inf... Read more

    Affected Products : cloudera_manager
    • EPSS Score: %0.04
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2019-14410

    Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.07
    • Published: Jul. 30, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-4736

    The Device Encryption Client component in Sophos SafeGuard Enterprise 6.0, when a volume-based encryption policy is enabled in conjunction with a user-defined key, does not properly block use of exFAT USB flash drives, which makes it easier for local user... Read more

    Affected Products : safeguard_enterprise
    • EPSS Score: %0.05
    • Published: Aug. 29, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2017-1000242

    Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file with insecure permissions resulting in information disclosure... Read more

    Affected Products : git_client
    • EPSS Score: %0.01
    • Published: Nov. 01, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2022-35798

    Azure Arc Jumpstart Information Disclosure Vulnerability... Read more

    Affected Products : azure_arc_jumpstart
    • EPSS Score: %0.42
    • Published: May. 18, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-21436

    Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID.... Read more

    Affected Products : android android dex
    • EPSS Score: %0.09
    • Published: Feb. 09, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-20525

    In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of visual voicemail package name due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User in... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Dec. 16, 2022
    • Modified: Apr. 21, 2025
Showing 20 of 291551 Results