Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2020-14759

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris execut... Read more

    Affected Products : solaris solaris
    • EPSS Score: %0.07
    • Published: Oct. 21, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-12755

    fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended KWallet storage of a password.... Read more

    Affected Products : kio-extras
    • EPSS Score: %0.11
    • Published: May. 09, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-34563

    In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a cookie. This allows the cookie's value to be read or set by client-side JavaScript.... Read more

    • EPSS Score: %0.10
    • Published: Aug. 31, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-24145

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. An app may be able to view a contact's phone number in system logs.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jan. 27, 2025
    • Modified: Feb. 04, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2024-44172

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3, macOS Sequoia 15. An app may be able to access contacts.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Feb. 05, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2024-54516

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to approve a launch daemon without user consent.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Authorization

  • 3.3

    LOW
    CVE-2017-3590

    Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 2.1.5 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructur... Read more

    • EPSS Score: %0.07
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2025-0245

    Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been be bypassed. This vulnerability affects Firefox < 134.... Read more

    Affected Products : firefox
    • Published: Jan. 07, 2025
    • Modified: Apr. 03, 2025
    • Vuln Type: Authentication

  • 3.3

    LOW
    CVE-2025-23378

    Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an exposure of information through directory listing vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information disclos... Read more

    Affected Products : powerscale_onefs powerscale_onefs
    • Published: Apr. 10, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2021-36282

    Dell EMC PowerScale OneFS versions 8.2.x - 9.1.0.x contain a use of uninitialized resource vulnerability. This can potentially allow an authenticated user with ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to gain access up to 24 bytes of data w... Read more

    • EPSS Score: %0.05
    • Published: Aug. 16, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-3659

    The NTT DOCOMO overseas usage application 2.0.0 through 2.0.4 for Android does not properly connect to Wi-Fi access points, which allows remote attackers to obtain sensitive information by leveraging presence in an 802.11 network's coverage area.... Read more

    Affected Products : overseas_usage
    • EPSS Score: %0.20
    • Published: Aug. 09, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2014-4206

    Unspecified vulnerability in the Hyperion Enterprise Performance Management Architect component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows local users to affect integrity and availability via unknown vectors related to Data Synchronizer.... Read more

    Affected Products : hyperion
    • EPSS Score: %0.08
    • Published: Jul. 17, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2013-2105

    The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.... Read more

    Affected Products : show_in_browser
    • EPSS Score: %0.06
    • Published: Apr. 22, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2012-0125

    Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.31 allows local users to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0126.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.16
    • Published: Mar. 28, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2019-0174

    Logic condition in specific microprocessors may allow an authenticated user to potentially enable partial physical address information disclosure via local access.... Read more

    • EPSS Score: %0.18
    • Published: Jun. 13, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-4046

    The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR["P"] value.... Read more

    Affected Products : dcs-932l_firmware dcs-932l
    • EPSS Score: %0.05
    • Published: Dec. 24, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2009-2977

    The Cisco Security Monitoring, Analysis and Response System (CS-MARS) 6.0.4 and earlier stores cleartext passwords in log/sysbacktrace.## files within error-logs.tar.gz archives, which allows context-dependent attackers to obtain sensitive information by ... Read more

    Affected Products : cs-mars
    • EPSS Score: %0.17
    • Published: Aug. 27, 2009
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2023-51568

    Kofax Power PDF OXPS File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this ... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 3.3

    LOW
    CVE-2022-35900

    An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a JP2 file containing crafted data can force an out-of-bounds read. Exp... Read more

    Affected Products : microstation view
    • EPSS Score: %0.06
    • Published: Jul. 15, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-25404

    Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.... Read more

    • EPSS Score: %0.06
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291647 Results