Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2013-5636

    Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism b... Read more

    Affected Products : endpoint_security
    • EPSS Score: %0.03
    • Published: Nov. 30, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2019-15466

    The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V10.2.6.0.ODMMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, version... Read more

    Affected Products : redmi_6_pro_firmware redmi_6_pro
    • EPSS Score: %0.12
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-14671

    Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attacker can enumerate local files due to the lack of protocol scheme sanitization, such as for file:/// URLs. This is related to fints_url to import/job/configuration, and import/create/fin... Read more

    Affected Products : firefly_iii
    • EPSS Score: %0.05
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-2291

    Jenkins couchdb-statistics Plugin 0.3 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.... Read more

    Affected Products : couchdb-statistics
    • EPSS Score: %0.01
    • Published: Oct. 08, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-3700

    yast2-security didn't use secure defaults to protect passwords. This became a problem on 2019-10-07 when configuration files that set secure settings were moved to a different location. As of the 20191022 snapshot the insecure default settings were used u... Read more

    Affected Products : openldap2 yast2-security
    • EPSS Score: %0.04
    • Published: Jan. 24, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2014-7993

    Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00302012.... Read more

    • EPSS Score: %0.12
    • Published: Dec. 24, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2019-9277

    In the proc filesystem, there is a possible information disclosure due to log information disclosure. This could lead to local disclosure of app and browser activity with User execution privileges needed. User interaction is not needed for exploitation. P... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-27703

    The Android version of pikpak v1.29.2 was discovered to contain an information leak via the debug interface.... Read more

    Affected Products : pikpak
    • EPSS Score: %0.04
    • Published: Apr. 12, 2023
    • Modified: Feb. 10, 2025

  • 3.3

    LOW
    CVE-2013-2105

    The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.... Read more

    Affected Products : show_in_browser
    • EPSS Score: %0.06
    • Published: Apr. 22, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2021-3655

    A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.... Read more

    • EPSS Score: %0.02
    • Published: Aug. 05, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-2708

    Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege wi... Read more

    Affected Products : berkeley_db
    • EPSS Score: %1.28
    • Published: Apr. 23, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-51553

    Foxit PDF Reader Bookmark Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vul... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 13, 2025

  • 3.3

    LOW
    CVE-2024-51491

    notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List (CRL) based revocation check feature... Read more

    Affected Products : notation-go
    • Published: Jan. 13, 2025
    • Modified: Jan. 14, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2021-36086

    The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).... Read more

    Affected Products : fedora selinux
    • EPSS Score: %0.02
    • Published: Jul. 01, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-23257

    The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 16.7.6 and iPadOS 16.7.6. Processing an image may result in disclosure of process memory.... Read more

    Affected Products : macos iphone_os ipad_os ipados visionos
    • Published: Mar. 08, 2024
    • Modified: Mar. 27, 2025

  • 3.3

    LOW
    CVE-2024-23217

    A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. An app may be able to bypass certain Privacy preferences.... Read more

    Affected Products : macos iphone_os watchos ipados
    • EPSS Score: %0.01
    • Published: Jan. 23, 2024
    • Modified: May. 15, 2025

  • 3.3

    LOW
    CVE-2024-0149

    NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. A successful exploit of this vulnerability might lead to limited information disclosure.... Read more

    Affected Products :
    • Published: Jan. 28, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2024-0123

    NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit... Read more

    Affected Products : cuda_toolkit
    • Published: Oct. 03, 2024
    • Modified: Oct. 04, 2024

  • 3.3

    LOW
    CVE-2020-8908

    A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, o... Read more

    • EPSS Score: %0.07
    • Published: Dec. 10, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-2763

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NTPD). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solari... Read more

    Affected Products : solaris solaris
    • EPSS Score: %0.07
    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291551 Results