Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2025-21023

    Improper access control in WcsExtension for Galaxy Watch prior to Android Watch 16 allows local attackers to access sensitive information.... Read more

    Affected Products :
    • Published: Aug. 06, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 3.3

    LOW
    CVE-2024-47576

    SAP Product Lifecycle Costing Client (versions below 4.7.1) application loads on demand a DLL that is available with Windows OS. This DLL is loaded from the computer running SAP Product Lifecycle Costing Client application. That particular DLL could be re... Read more

    Affected Products :
    • Published: Dec. 10, 2024
    • Modified: Dec. 10, 2024

  • 3.3

    LOW
    CVE-2014-6463

    Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.... Read more

    • EPSS Score: %0.54
    • Published: Oct. 15, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2012-4296

    Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet.... Read more

    Affected Products : wireshark sunos opensuse
    • EPSS Score: %1.46
    • Published: Aug. 16, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2014-0027

    The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information.... Read more

    Affected Products : flite
    • EPSS Score: %0.07
    • Published: Jan. 26, 2014
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-4285

    The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and applicatio... Read more

    • EPSS Score: %0.65
    • Published: Aug. 16, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-7048

    OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.... Read more

    Affected Products : nova
    • EPSS Score: %0.06
    • Published: Jan. 23, 2014
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2021-3644

    A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains multiple expressions, a user who was granted access to the management interface can potentially access a vault expression they shoul... Read more

    Affected Products : wildfly descision_manager
    • EPSS Score: %0.58
    • Published: Aug. 26, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-32054

    In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file... Read more

    Affected Products : intellij_idea
    • Published: Apr. 03, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2013-7458

    linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file.... Read more

    Affected Products : debian_linux redis
    • EPSS Score: %0.03
    • Published: Aug. 10, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2021-31153

    please before 0.4 allows a local unprivileged attacker to gain knowledge about the existence of files or directories in privileged locations via the search_path function, the --check option, or the -d option.... Read more

    Affected Products : please
    • EPSS Score: %0.05
    • Published: May. 27, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-0249

    Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS... Read more

    Affected Products : quagga
    • EPSS Score: %0.52
    • Published: Apr. 05, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2011-0007

    pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary files via a symlink attack on (1) pimd.dump when a USR1 signal is sent, or (2) pimd.cache when USR2 is sent.... Read more

    Affected Products : pimd
    • EPSS Score: %0.03
    • Published: Jan. 11, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2017-8933

    Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (menu unavailability).... Read more

    Affected Products : libmenu-cache
    • EPSS Score: %0.13
    • Published: May. 15, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2012-5238

    epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and applica... Read more

    Affected Products : wireshark
    • EPSS Score: %0.85
    • Published: Oct. 04, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2024-47896

    Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.... Read more

    Affected Products : ddk
    • Published: Feb. 22, 2025
    • Modified: Mar. 05, 2025
    • Vuln Type: Memory Corruption

  • 3.3

    LOW
    CVE-2023-40386

    A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. An app may be able to access Notes attachments.... Read more

    Affected Products : macos
    • EPSS Score: %0.11
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-30742

    Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permissio to get sim card information through device log.... Read more

    Affected Products : find_my_mobile
    • EPSS Score: %0.06
    • Published: Jun. 07, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-0125

    Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.31 allows local users to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0126.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.16
    • Published: Mar. 28, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2022-20562

    In various functions of ap_input_processor.c, there is a possible way to record audio during a phone call due to a logic error in the code. This could lead to local information disclosure with User execution privileges needed. User interaction is not need... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Dec. 16, 2022
    • Modified: Apr. 21, 2025
Showing 20 of 291717 Results