Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2023-34117

    Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access.... Read more

    Affected Products : zoom_software_development_kit
    • EPSS Score: %0.04
    • Published: Jul. 11, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-30618

    Kitchen-Terraform provides a set of Test Kitchen plugins which enable the use of Test Kitchen to converge a Terraform configuration and verify the resulting infrastructure systems with InSpec controls. Kitchen-Terraform v7.0.0 introduced a regression whic... Read more

    Affected Products : kitchen-terraform
    • EPSS Score: %0.03
    • Published: Apr. 21, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-1478

    IBM Security Access Manager Appliance 9.0.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 128613.... Read more

    • EPSS Score: %0.09
    • Published: Jan. 11, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-21452

    Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device.... Read more

    Affected Products : android android dex
    • EPSS Score: %0.08
    • Published: Mar. 16, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-25189

    BTS is affected by information disclosure vulnerability where mobile network operator personnel connected over BTS Web Element Manager, regardless of the access privileges, having a possibility to read BTS service operation details performed by Nokia Care... Read more

    Affected Products :
    • Published: Sep. 25, 2024
    • Modified: Oct. 29, 2024

  • 3.3

    LOW
    CVE-2024-28811

    An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote privileged attacker to execute applications contained in a specific OS directory via HTTP invocations.... Read more

    Affected Products : hit_7300_firmware hit_7300
    • Published: Sep. 30, 2024
    • Modified: May. 30, 2025

  • 3.3

    LOW
    CVE-2024-32268

    An issue in Tuya Smart camera U6N v.3.2.5 allows a remote attacker to cause a denial of service via a crafted packet to the network connection component.... Read more

    Affected Products :
    • Published: Apr. 29, 2024
    • Modified: Feb. 10, 2025

  • 3.3

    LOW
    CVE-2020-9203

    There is a resource management errors vulnerability in Huawei P30. Local attackers construct broadcast message for some application, causing this application to send this broadcast message and impact the customer's use experience.... Read more

    Affected Products : p30_firmware p30
    • EPSS Score: %0.02
    • Published: Jan. 13, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-24003

    Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Skyp... Read more

    Affected Products : skype
    • EPSS Score: %0.80
    • Published: Jan. 11, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-37395

    IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data.... Read more

    Affected Products : aspera_faspex
    • Published: Dec. 11, 2024
    • Modified: Jan. 07, 2025

  • 3.3

    LOW
    CVE-2016-0202

    A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain.... Read more

    Affected Products : cloud_orchestrator
    • EPSS Score: %0.11
    • Published: Feb. 08, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2021-25486

    Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 Release 1 allows an attacker detect device information via analyzing packet in log.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Oct. 06, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-1031

    In cancelNotificationsFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-1018

    In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional executi... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-5938

    IBM Kenexa LMS on Cloud allows web pages to be stored locally which can be read by another user on the system.... Read more

    Affected Products : kenexa_lms kenexa_lms_on_cloud
    • EPSS Score: %0.06
    • Published: Feb. 01, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2021-0992

    In onCreate of PaymentDefaultDialog.java, there is a possible way to change a default payment app without user consent due to tapjack overlay. This could lead to local escalation of privilege with no additional execution privileges needed. User interactio... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-0990

    In getDeviceId of PhoneSubInfoController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional exec... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-10118

    Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.... Read more

    Affected Products : firejail
    • EPSS Score: %0.04
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2021-36319

    Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. A low privileged authenticated malicious user can gain access to SNMP authentication failure messages.... Read more

    Affected Products : networking_os10
    • EPSS Score: %0.05
    • Published: Nov. 20, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-18900

    A heap-based buffer overflow in the libexe_io_handle_read_coff_optional_header function of libyal libexe before 20181128. NOTE: the vendor has disputed this as described in libyal/libexe issue 1 on GitHub... Read more

    Affected Products : libexe
    • EPSS Score: %0.05
    • Published: Aug. 19, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291564 Results