Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 3.3

    LOW
    CVE-2016-10772

    cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.07
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024
  • 3.3

    LOW
    CVE-2019-15339

    The Lava Z60s Android device with a build fingerprint of LAVA/Z60s/Z60s:8.1.0/O11019/1530331229:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows any app... Read more

    Affected Products : z60s_firmware z60s
    • EPSS Score: %0.11
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
  • 3.3

    LOW
    CVE-2024-27332

    PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    • Published: Apr. 01, 2024
    • Modified: Jul. 07, 2025
  • 3.3

    LOW
    CVE-2013-1444

    A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.... Read more

    Affected Products : txt2man txt2man
    • EPSS Score: %0.05
    • Published: Sep. 30, 2013
    • Modified: Apr. 11, 2025
  • 3.3

    LOW
    CVE-2016-4645

    CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.10
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025
  • 3.3

    LOW
    CVE-2016-5615

    Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx.... Read more

    Affected Products : solaris
    • EPSS Score: %0.06
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025
  • 3.3

    LOW
    CVE-2015-8034

    The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.... Read more

    Affected Products : salt
    • EPSS Score: %0.04
    • Published: Jan. 30, 2017
    • Modified: Apr. 20, 2025
  • 3.3

    LOW
    CVE-2024-50057

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Free IRQ only if it was requested before In polling mode, if no IRQ was requested there is no need to free it. Call devm_free_irq() only if client->irq is set. This fi... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024
  • 3.3

    LOW
    CVE-2017-1381

    IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) 7.0, 8.0, 8.5, 9.0 and could allow a local attacker to obtain sensitive information, caused by stale data being cached and then served. IBM X-Force ID: 127152.... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.06
    • Published: Jul. 21, 2017
    • Modified: Apr. 20, 2025
  • 3.3

    LOW
    CVE-2015-8801

    Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.... Read more

    Affected Products : endpoint_protection_manager
    • EPSS Score: %0.06
    • Published: Jun. 30, 2016
    • Modified: Apr. 12, 2025
  • 3.3

    LOW
    CVE-2015-9543

    An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setu... Read more

    Affected Products : nova
    • EPSS Score: %0.13
    • Published: Feb. 19, 2020
    • Modified: Nov. 21, 2024
  • 3.3

    LOW
    CVE-2024-50044

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change rfcomm_sk_state_change attempts to use sock_lock so it must never be called with it locked but rfcomm_sock_ioctl alway... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Nov. 08, 2024
  • 3.3

    LOW
    CVE-2017-3301

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Sol... Read more

    Affected Products : solaris
    • EPSS Score: %0.46
    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025
  • 3.3

    LOW
    CVE-2013-2102

    The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics service with no authentication when a JGroups channel is started, which allows remote attackers to obtain sensitive information (diagnostics) by accessing the s... Read more

    • EPSS Score: %0.16
    • Published: Oct. 28, 2013
    • Modified: Apr. 11, 2025
  • 3.3

    LOW
    CVE-2016-4749

    Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.06
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025
  • 3.3

    LOW
    CVE-2023-6728

    Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows an attacker in possession of the encrypted file to decrypt the bof.cfg file and obtain the BOF configuration content.... Read more

    Affected Products :
    • Published: Oct. 17, 2024
    • Modified: Nov. 05, 2024
  • 3.3

    LOW
    CVE-2020-9203

    There is a resource management errors vulnerability in Huawei P30. Local attackers construct broadcast message for some application, causing this application to send this broadcast message and impact the customer's use experience.... Read more

    Affected Products : p30_firmware p30
    • EPSS Score: %0.02
    • Published: Jan. 13, 2021
    • Modified: Nov. 21, 2024
  • 3.3

    LOW
    CVE-2025-24336

    SXF Common Library handles input data improperly. If a product using the library reads a crafted file, the product may be crashed.... Read more

    Affected Products :
    • Published: Jan. 31, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Denial of Service
  • 3.3

    LOW
    CVE-2024-5198

    OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt.... Read more

    Affected Products : openvpn-gui ovpn-dco-win
    • Published: Jan. 15, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Denial of Service
  • 3.3

    LOW
    CVE-2020-24003

    Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Skyp... Read more

    Affected Products : skype
    • EPSS Score: %0.80
    • Published: Jan. 11, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291222 Results