Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2019-8842

    A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. In certain configurations, a remote attacker may be able to submit arb... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.17
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-42098

    Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulne... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 3.3

    LOW
    CVE-2023-40427

    The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.03
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-40434

    A configuration issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access a user's Photos Library.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.08
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-41310

    Keep-alive vulnerability in the sticky broadcast mechanism. Successful exploitation of this vulnerability may cause malicious apps to run continuously in the background.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.04
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-40392

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.5. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.08
    • Published: Sep. 06, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-1833

    Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.03
    • Published: Oct. 03, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2018-6382

    MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor/adodb/adodb-php/server.php sql parameter in a request to the 127.0.0.1 IP address. NOTE: the vendor disputes the significance of this report because server.php is intended ... Read more

    Affected Products : mantisbt
    • EPSS Score: %0.09
    • Published: Jan. 30, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-1043

    The Host Guest File System (HGFS) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware Fusion 6.x before 6.0.5 and 7.x before 7.0.1 allows guest OS users to cause a guest OS denial of service via unspecified vectors.... Read more

    Affected Products : player workstation fusion
    • EPSS Score: %0.20
    • Published: Jan. 29, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2023-40439

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.06
    • Published: Jan. 10, 2024
    • Modified: Jun. 11, 2025

  • 3.3

    LOW
    CVE-2010-2283

    The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.... Read more

    Affected Products : wireshark
    • EPSS Score: %1.02
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2020-0459

    In sendConfiguredNetworkChangedBroadcast of WifiConfigManager.java, there is a possible leak of sensitive WiFi configuration data due to a missing permission check. This could lead to local information disclosure of WiFi network names with no additional e... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Dec. 14, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-8857

    The issue was addressed with improved validation when an iCloud Link is created. This issue is fixed in iOS 13.3 and iPadOS 13.3. Live Photo audio and video data may be shared via iCloud links even if Live Photo is disabled in the Share Sheet carousel.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.07
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-0481

    In AndroidManifest.xml, there is a possible permissions bypass. This could lead to local escalation of privilege allowing a non-system app to send a broadcast it shouldn't have permissions to send, with no additional execution privileges needed. User inte... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Dec. 15, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-6331

    An issue was found in Samsung Mobile Print (Android) versions prior to 4.08.007. A potential security vulnerability caused by incomplete obfuscation of application configuration information.... Read more

    Affected Products : samsung_mobile_print
    • EPSS Score: %0.08
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-9292

    In the Activity Manager service, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of current foreground process with no additional execution privileges needed. User interaction is not needed for expl... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-0422

    In constructImportFailureNotification of NotificationImportExportListener.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local information disclosure of contact data with User execution privileges needed. U... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Oct. 14, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-1444

    A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.... Read more

    Affected Products : txt2man txt2man
    • EPSS Score: %0.05
    • Published: Sep. 30, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2024-43841

    In the Linux kernel, the following vulnerability has been resolved: wifi: virt_wifi: avoid reporting connection success with wrong SSID When user issues a connection with a different SSID than the one virt_wifi has advertised, the __cfg80211_connect_res... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Oct. 29, 2024

  • 3.3

    LOW
    CVE-2015-0858

    Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a pathname in a /tmp/tardiff-$$ temporary directory.... Read more

    Affected Products : debian_linux tardiff
    • EPSS Score: %0.04
    • Published: May. 06, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292425 Results