Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2023-26083

    Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Dri... Read more

    • Actively Exploited
    • EPSS Score: %0.36
    • Published: Apr. 06, 2023
    • Modified: Jul. 30, 2025

  • 3.3

    LOW
    CVE-2025-46717

    sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with no (or very limited) sudo privileges can determine whether files exists in folders that they otherwise cannot access using `sudo --list <pathname>`.... Read more

    Affected Products : sudo
    • Published: May. 12, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2024-30364

    Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit ... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 08, 2025

  • 3.3

    LOW
    CVE-2024-30350

    Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this v... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 08, 2025

  • 3.3

    LOW
    CVE-2016-7553

    The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permissions for the scrollbuffer dump file created between upgrades, which might allow local users to obtain sensitive information from private chat conversations by reading the file.... Read more

    Affected Products : buf.pl
    • EPSS Score: %0.08
    • Published: Feb. 27, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2014-6060

    The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHO_OPTIONSOVERLOADED option in the (1) bootfile or (2) servername section, which triggers the option to be processed... Read more

    Affected Products : android dhcpcd
    • EPSS Score: %0.16
    • Published: Sep. 04, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2015-2924

    The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisemen... Read more

    Affected Products : networkmanager networkmanager
    • EPSS Score: %0.59
    • Published: Nov. 16, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2011-0543

    Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack.... Read more

    Affected Products : fuse
    • EPSS Score: %0.06
    • Published: Sep. 02, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2011-0541

    fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack.... Read more

    Affected Products : fuse
    • EPSS Score: %0.04
    • Published: Sep. 02, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-2142

    userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or... Read more

    Affected Products : libimobiledevice
    • EPSS Score: %0.03
    • Published: Jan. 19, 2014
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2023-28197

    An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • EPSS Score: %0.12
    • Published: Jan. 10, 2024
    • Modified: Jun. 17, 2025

  • 3.3

    LOW
    CVE-2016-6224

    ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors. NOTE... Read more

    Affected Products : ubuntu_linux ecryptfs-utils
    • EPSS Score: %0.10
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2013-2480

    The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet.... Read more

    Affected Products : debian_linux wireshark opensuse
    • EPSS Score: %1.42
    • Published: Mar. 07, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2024-20834

    The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission.... Read more

    Affected Products : android android dex
    • Published: Mar. 05, 2024
    • Modified: Feb. 10, 2025

  • 3.3

    LOW
    CVE-2023-20513

    An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize a malicious VF (virtualization function) to send a malformed message, potentially resulting in a denial of service.... Read more

    Affected Products :
    • Published: Aug. 13, 2024
    • Modified: Oct. 29, 2024

  • 3.3

    LOW
    CVE-2025-29446

    open-webui v0.5.16 is vulnerable to SSRF in routers/ollama.py in function verify_connection.... Read more

    Affected Products : open_webui
    • Published: Apr. 21, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Server-Side Request Forgery

  • 3.3

    LOW
    CVE-2023-35022

    IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do not have the authorization to access. IBM X-Force ID: 258254.... Read more

    Affected Products : infosphere_information_server
    • Published: Jun. 30, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-1591

    Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues.... Read more

    Affected Products : privilege_management_for_windows
    • Published: Feb. 16, 2024
    • Modified: Feb. 07, 2025

  • 3.3

    LOW
    CVE-2024-30135

    HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile application when a snapshot is taken.... Read more

    Affected Products :
    • Published: Jun. 28, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-25196

    Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_controller process. This vulnerability is triggerd via sending a crafted .yaml file.... Read more

    • Published: Feb. 20, 2024
    • Modified: Apr. 02, 2025
Showing 20 of 291401 Results