Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2024-0257

    RoboDK v5.5.4 is vulnerable to heap-based buffer overflow while processing a specific project file. The resulting memory corruption may crash the application. ... Read more

    Affected Products : robodk
    • Published: Apr. 17, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-30135

    HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile application when a snapshot is taken.... Read more

    Affected Products :
    • Published: Jun. 28, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-31870

    IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user enumeration by a local authenticated attacker, without having authority to the related *USRPRF objects. This can be used by a malicious actor to gather inform... Read more

    Affected Products : i
    • Published: Jun. 15, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-27502

    Insertion of sensitive information into log file for some Intel(R) Local Manageability Service software before version 2316.5.1.2 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Mar. 14, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-32268

    An issue in Tuya Smart camera U6N v.3.2.5 allows a remote attacker to cause a denial of service via a crafted packet to the network connection component.... Read more

    Affected Products :
    • Published: Apr. 29, 2024
    • Modified: Feb. 10, 2025

  • 3.3

    LOW
    CVE-2021-39739

    In ArrayMap, there is a possible leak of the content of SMS messages due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: Andro... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Mar. 30, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2007-5207

    guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file.... Read more

    Affected Products : guilt
    • EPSS Score: %0.03
    • Published: Oct. 04, 2007
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2024-27332

    PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    • Published: Apr. 01, 2024
    • Modified: Jul. 07, 2025

  • 3.3

    LOW
    CVE-2025-20613

    Predictable Seed in Pseudo-Random Number Generator (PRNG) in the firmware for some Intel(R) TDX may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Cryptography

  • 3.3

    LOW
    CVE-2020-9250

    There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the servic... Read more

    Affected Products : mate_20_pro_firmware mate_20_pro
    • Published: Dec. 20, 2024
    • Modified: Jul. 11, 2025

  • 3.3

    LOW
    CVE-2021-35000

    OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability ... Read more

    Affected Products : openbsd
    • Published: May. 07, 2024
    • Modified: Aug. 14, 2025

  • 3.3

    LOW
    CVE-2020-9102

    There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the... Read more

    • EPSS Score: %0.02
    • Published: Jul. 17, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-1144

    The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories. NOTE: this vulnera... Read more

    Affected Products : pear
    • EPSS Score: %0.12
    • Published: Mar. 03, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2010-2794

    The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to overwrite arbitrary files via a symlink attack on an unspecified log file.... Read more

    Affected Products : firefox spice-xpi
    • EPSS Score: %0.03
    • Published: Aug. 30, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2016-5499

    Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5498.... Read more

    Affected Products : database_server
    • EPSS Score: %0.12
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2020-3972

    VMware Tools for macOS (11.x.x and prior before 11.1.1) contains a denial-of-service vulnerability in the Host-Guest File System (HGFS) implementation. Successful exploitation of this issue may allow attackers with non-admin privileges on guest macOS virt... Read more

    Affected Products : macos tools
    • EPSS Score: %0.04
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-13232

    Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue.... Read more

    Affected Products : debian_linux unzip
    • EPSS Score: %0.05
    • Published: Jul. 04, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-19057

    Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failur... Read more

    • EPSS Score: %0.08
    • Published: Nov. 18, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-5928

    In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, BIG-IP ASM Configuration utility CSRF protection token can be reused multiple times.... Read more

    • EPSS Score: %0.04
    • Published: Aug. 26, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-5831

    Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been all... Read more

    Affected Products : endpoint_protection_manager
    • EPSS Score: %0.07
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291890 Results