Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2023-39341

    "FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 ... Read more

    • EPSS Score: %0.03
    • Published: Aug. 09, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-33879

    In music service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • EPSS Score: %0.02
    • Published: Jul. 12, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-20252

    In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. Use... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Aug. 11, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-5812

    A low severity vulnerability in BIPS has been identified where an attacker with high privileges or a compromised high privilege account can overwrite Read-Only smart rules via a specially crafted API request.... Read more

    Affected Products : beyondinsight_password_safe
    • Published: Jun. 11, 2024
    • Modified: Feb. 11, 2025

  • 3.3

    LOW
    CVE-2022-20339

    In Android, there is a possible access of network neighbor table information due to an insecure SEpolicy configuration. This could lead to local information disclosure of network topography with no additional execution privileges needed. User interaction ... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Aug. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-20335

    In Wifi Slice, there is a possible way to adjust Wi-Fi settings even when the permission has been disabled due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Aug. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-18427

    In cPanel before 66.0.2, weak log-file permissions can occur after account modification (SEC-289).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.05
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2008-1832

    lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file.... Read more

    Affected Products : cecilia
    • EPSS Score: %0.03
    • Published: Apr. 16, 2008
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2017-17289

    Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability. The software d... Read more

    • EPSS Score: %0.02
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2007-4590

    The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact an... Read more

    Affected Products : hp-ux dynrootdisk ignite-ux
    • EPSS Score: %0.08
    • Published: Aug. 29, 2007
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2019-14396

    API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.07
    • Published: Jul. 30, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-21074

    An issue was discovered on Samsung mobile devices with M(6.x) (Exynos or Qualcomm chipsets) software. There is information disclosure from a Trustlet via the debug log. The Samsung ID is SVE-2017-10638 (April 2018).... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Apr. 08, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-20558

    In registerReceivers of DeviceCapabilityListener.java, there is a possible way to change preferred TTY mode due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n... Read more

    Affected Products : android
    • EPSS Score: %0.00
    • Published: Dec. 16, 2022
    • Modified: Apr. 18, 2025

  • 3.3

    LOW
    CVE-2011-0345

    Directory traversal vulnerability in the NMS server in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in HTTP GET requests, related to the lang variable.... Read more

    Affected Products : omnivista
    • EPSS Score: %0.30
    • Published: Mar. 08, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2022-48435

    In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file... Read more

    Affected Products : phpstorm
    • EPSS Score: %0.00
    • Published: Apr. 04, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-3700

    yast2-security didn't use secure defaults to protect passwords. This became a problem on 2019-10-07 when configuration files that set secure settings were moved to a different location. As of the 20191022 snapshot the insecure default settings were used u... Read more

    Affected Products : openldap2 yast2-security
    • EPSS Score: %0.04
    • Published: Jan. 24, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-14671

    Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attacker can enumerate local files due to the lack of protocol scheme sanitization, such as for file:/// URLs. This is related to fints_url to import/job/configuration, and import/create/fin... Read more

    Affected Products : firefly_iii
    • EPSS Score: %0.05
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-2291

    Jenkins couchdb-statistics Plugin 0.3 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.... Read more

    Affected Products : couchdb-statistics
    • EPSS Score: %0.01
    • Published: Oct. 08, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-20519

    In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure WiFi networks due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User intera... Read more

    Affected Products : android
    • EPSS Score: %0.03
    • Published: Dec. 16, 2022
    • Modified: Apr. 18, 2025

  • 3.3

    LOW
    CVE-2022-20307

    In AlarmManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Aug. 12, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 291608 Results