Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2014-9770

    tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.... Read more

    Affected Products : opensuse
    • EPSS Score: %0.10
    • Published: Apr. 20, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2020-24512

    Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    • EPSS Score: %0.05
    • Published: Jun. 09, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-42834

    An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3. An app may be able to access mail folder attachments through a temporary directory used during compressi... Read more

    Affected Products : macos
    • EPSS Score: %0.03
    • Published: Jun. 23, 2023
    • Modified: Dec. 10, 2024

  • 3.3

    LOW
    CVE-2024-30364

    Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit ... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 08, 2025

  • 3.3

    LOW
    CVE-2024-30350

    Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this v... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 08, 2025

  • 3.3

    LOW
    CVE-2017-5985

    lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.... Read more

    Affected Products : lxc
    • EPSS Score: %0.09
    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2025-46614

    In Snowflake ODBC Driver before 3.7.0, in certain code paths, the Driver logged the whole SQL query at the INFO level, aka Insertion of Sensitive Information into a Log File.... Read more

    Affected Products :
    • Published: Apr. 28, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2025-46330

    libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, incorrectly treat malformed requests that caused the HTTP response status code 400, as able to be retried. This could hang the application until SF_CON_... Read more

    Affected Products : connector_for_c\/c\+\+
    • Published: Apr. 29, 2025
    • Modified: May. 09, 2025

  • 3.3

    LOW
    CVE-2023-28902

    An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the infotainment system. The vulnerability was originally discovered in Skoda Superb III ca... Read more

    Affected Products :
    • Published: Jun. 28, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2025-21023

    Improper access control in WcsExtension for Galaxy Watch prior to Android Watch 16 allows local attackers to access sensitive information.... Read more

    Affected Products :
    • Published: Aug. 06, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 3.3

    LOW
    CVE-2017-7138

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Directory Utility" component. It allows local users to discover the Apple ID of the computer's owner.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.06
    • Published: Oct. 23, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2015-8034

    The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.... Read more

    Affected Products : salt
    • EPSS Score: %0.04
    • Published: Jan. 30, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2019-8857

    The issue was addressed with improved validation when an iCloud Link is created. This issue is fixed in iOS 13.3 and iPadOS 13.3. Live Photo audio and video data may be shared via iCloud links even if Live Photo is disabled in the Share Sheet carousel.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.07
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-16126

    An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages ... Read more

    Affected Products : accountsservice
    • EPSS Score: %0.89
    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-8630

    The issue was addressed with improved UI handling. This issue is fixed in iOS 12.3. The lock screen may show a locked icon after unlocking.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.12
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-4645

    CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.10
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2018-4322

    This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.05
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-5910

    IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server traffic is encrypted, which allows remote attackers to obtain sensitive information by sniffing the network.... Read more

    Affected Products : xcode
    • EPSS Score: %0.14
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-4749

    Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.06
    • Published: Sep. 18, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2017-1381

    IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) 7.0, 8.0, 8.5, 9.0 and could allow a local attacker to obtain sensitive information, caused by stale data being cached and then served. IBM X-Force ID: 127152.... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.06
    • Published: Jul. 21, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291737 Results