Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2012-3151

    Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, when running on Unix and Linux platforms, allows local users to affect integrity and availability via unknown vectors.... Read more

    Affected Products : linux_kernel database_server
    • EPSS Score: %0.25
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2020-2048

    An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo Alto Networks PAN-OS software. This issue impacts: PAN-... Read more

    Affected Products : pan-os
    • EPSS Score: %0.05
    • Published: Nov. 12, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-3589

    Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 5.1.41 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure wh... Read more

    • EPSS Score: %0.07
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2011-1072

    The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerabilit... Read more

    Affected Products : pear
    • EPSS Score: %0.08
    • Published: Mar. 03, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-2479

    The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data.... Read more

    Affected Products : wireshark opensuse
    • EPSS Score: %1.12
    • Published: Mar. 07, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2010-3691

    PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to overwrite arbitrary files via a symlink attack on an unspecified file.... Read more

    Affected Products : phpcas phpcas
    • EPSS Score: %0.06
    • Published: Oct. 07, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2008-3699

    The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.... Read more

    Affected Products : amarok
    • EPSS Score: %0.03
    • Published: Aug. 14, 2008
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2019-15790

    Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through get_pid_info() in data/apport. An unprivileged user could exploit... Read more

    Affected Products : ubuntu_linux apport apport
    • EPSS Score: %0.09
    • Published: Apr. 28, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-1488

    A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers, aka 'Microsoft Defender Security Feature Bypass Vulnerability'.... Read more

    • EPSS Score: %0.46
    • Published: Dec. 10, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-14378

    An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. An attacker could cause `move_desc` to get stuck in a 4,294,967,295-count i... Read more

    • EPSS Score: %0.08
    • Published: Sep. 30, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-20320

    In ActivityManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. Us... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Aug. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-2978

    IBM Sametime 8.5.2 and 9.0 could store potentially sensitive information from the browser cache locally that could be available to a local user. IBM X-Force ID: 113938.... Read more

    Affected Products : sametime
    • EPSS Score: %0.05
    • Published: Aug. 29, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2022-20249

    In LocaleManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Aug. 11, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-15420

    The Blackview BV9000Pro-F Android device with a build fingerprint of Blackview/BV9000Pro-F/BV9000Pro-F:7.1.1/N4F26M/1514363110:user/release-keys contains a pre-installed app with a package name of com.mediatek.factorymode app (versionCode=1, versionName=1... Read more

    Affected Products : bv9000pro-f_firmware bv9000pro-f
    • EPSS Score: %0.12
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2010-1183

    Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager.... Read more

    Affected Products : solaris
    • EPSS Score: %0.07
    • Published: Mar. 29, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2017-18422

    In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions (SEC-272).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.05
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-3204

    hammerhead.cc in Hammerhead 2.1.4 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/hammer.log (aka the HH_LOG file) or (2) the REPORT_LOG file.... Read more

    Affected Products : hammerhead
    • EPSS Score: %0.03
    • Published: Sep. 06, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2022-20559

    In revokeOwnPermissionsOnKill of PermissionManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no addit... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Dec. 16, 2022
    • Modified: Apr. 18, 2025

  • 3.3

    LOW
    CVE-2022-25826

    Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows attacker to access password information of connected WiFiAp in the log... Read more

    Affected Products : galaxy_watch_3_plugin
    • EPSS Score: %0.13
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-25398

    Intent redirection vulnerability in Bixby Voice prior to version 3.1.12 allows attacker to access contacts.... Read more

    Affected Products : bixby_voice
    • EPSS Score: %0.06
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291275 Results