Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2016-5506

    Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware allows local users to affect confidentiality and integrity via vectors related to App Server.... Read more

    Affected Products : identity_manager
    • EPSS Score: %0.11
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2023-40134

    In isFullScreen of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Oct. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-0238

    selinux-policy as packaged in Red Hat OpenShift 2 allows attackers to obtain process listing information via a privilege escalation attack.... Read more

    Affected Products : openshift openshift
    • EPSS Score: %0.04
    • Published: Sep. 26, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2023-26427

    Default permissions for a properties file were too permissive. Local system users could read potentially sensitive information. We updated the default permissions for noreply.properties set during package installation. No publicly available exploits are k... Read more

    • EPSS Score: %0.05
    • Published: Jun. 20, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-12548

    Tungsten Automation Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interaction i... Read more

    Affected Products : power_pdf
    • Published: Feb. 11, 2025
    • Modified: Feb. 19, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2023-21346

    In the Device Idle Controller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Oct. 30, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-21349

    In Package Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. Us... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Oct. 30, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-41310

    Keep-alive vulnerability in the sticky broadcast mechanism. Successful exploitation of this vulnerability may cause malicious apps to run continuously in the background.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.04
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-42542

    Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device.... Read more

    Affected Products : push_service
    • EPSS Score: %0.09
    • Published: Nov. 07, 2023
    • Modified: Mar. 06, 2025

  • 3.3

    LOW
    CVE-2016-5508

    Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 4.3 allows local users to affect confidentiality via vectors related to Cluster Geo.... Read more

    Affected Products : solaris_cluster
    • EPSS Score: %0.05
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2022-30750

    Improper access control vulnerability in updateLastConnectedClientInfo function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-36835

    Implicit Intent hijacking vulnerability in Samsung Internet Browser prior to version 17.0.7.34 allows attackers to access arbitrary files.... Read more

    Affected Products : samsung_internet_browser
    • EPSS Score: %0.15
    • Published: Aug. 05, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-23194

    Improper output Neutralization for Logs (CWE-117) in the Command Centre API Diagnostics Endpoint could allow an attacker limited ability to modify Command Centre log files. This issue affects: Gallagher Command Centre v9.10 prior to vEL9.10.1268 (MR1).... Read more

    Affected Products : command_centre
    • Published: Jul. 11, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-14329

    A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can be exposed from the /api/v2/labels/ endpoint. This flaw allows users from other organizations in the system to retrieve any label from the organization and ... Read more

    Affected Products : ansible_tower
    • EPSS Score: %0.04
    • Published: May. 27, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-5920

    Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by macOS, allowing for other processes to read the keyboard input. ... Read more

    Affected Products : macos mattermost_desktop
    • EPSS Score: %0.08
    • Published: Nov. 02, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-38591

    An issue was discovered on LG mobile devices with Android OS P and Q software for mt6762/mt6765/mt6883. Attackers can change some of the NvRAM content by leveraging the misconfiguration of a debug command. The LG ID is LVE-SMP-210005 (August 2021).... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2014-7993

    Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00302012.... Read more

    • EPSS Score: %0.12
    • Published: Dec. 24, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2024-23462

    An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on MacOS allows a denial of service of the Client Connector binary and thus removing client functionality.This issue affects Client Connector on MacOS: before 3.4. ... Read more

    Affected Products : client_connector
    • Published: May. 02, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-24973

    Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 31, 2024

  • 3.3

    LOW
    CVE-2023-40135

    In applyCustomDescription of SaveUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for ex... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Oct. 27, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 291775 Results