Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2022-25833

    Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Apr. 11, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-36852

    Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local attacker to access internal application data.... Read more

    Affected Products : android dex
    • EPSS Score: %0.03
    • Published: Sep. 09, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-30728

    Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Jun. 07, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-38129

    Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting versions 12.x up to and including 12.21. The vulnerability could be exploited by a non-privileged local user to access system monitoring data collected by Ope... Read more

    Affected Products : operations_agent
    • EPSS Score: %0.05
    • Published: Jan. 25, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-35903

    An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a 3DS file containing crafted data can force an out-of-bounds read. Exp... Read more

    Affected Products : microstation view
    • EPSS Score: %0.06
    • Published: Jul. 15, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-24069

    Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a se... Read more

    • EPSS Score: %0.07
    • Published: Jan. 23, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-40708

    An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain th... Read more

    • EPSS Score: %0.07
    • Published: Sep. 28, 2022
    • Modified: May. 20, 2025

  • 3.3

    LOW
    CVE-2023-28369

    Brother iPrint&Scan V6.11.2 and earlier contains an improper access control vulnerability. This vulnerability may be exploited by the other app installed on the victim user's Android device, which may lead to displaying the settings and/or log information... Read more

    Affected Products : iprint\&scan
    • EPSS Score: %0.08
    • Published: May. 18, 2023
    • Modified: Jan. 22, 2025

  • 3.3

    LOW
    CVE-2024-3125

    A vulnerability classified as problematic was found in Zebra ZTC GK420d 1.0. This vulnerability affects unknown code of the file /settings of the component Alert Setup Page. The manipulation of the argument Address leads to cross site scripting. The attac... Read more

    Affected Products :
    • Published: Apr. 01, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-34671

    Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to version 26.0.3.1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.... Read more

    Affected Products : internet
    • Published: Oct. 08, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-31071

    in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.... Read more

    Affected Products : openharmony openharmony
    • Published: Jul. 02, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-0983

    In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible disclosure of information about installed device/profile owner package name due to side channel information disclosure. This could lead to local information disclosure wit... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-32944

    Path traversal vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product installs a crafted UTAU voicebank installer (.uar file, .zip file) to UTAU, an arbitrary file may be placed.... Read more

    Affected Products :
    • Published: May. 28, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-35311

    Yubico YubiKey 5 Series before 5.7.0, Security Key Series before 5.7.0, YubiKey Bio Series before 5.6.4, and YubiKey 5 FIPS before 5.7.2 have Incorrect Access Control.... Read more

    Affected Products :
    • Published: May. 29, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-2375

    An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was addressed through improved logic. This issue is fixed in iOS 10.2.1. Updates for CallKit call history are sent to iCloud.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.06
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-23194

    Improper output Neutralization for Logs (CWE-117) in the Command Centre API Diagnostics Endpoint could allow an attacker limited ability to modify Command Centre log files. This issue affects: Gallagher Command Centre v9.10 prior to vEL9.10.1268 (MR1).... Read more

    Affected Products : command_centre
    • Published: Jul. 11, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-0995

    In registerSuggestionConnectionStatusListener of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-5636

    Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism b... Read more

    Affected Products : endpoint_security
    • EPSS Score: %0.03
    • Published: Nov. 30, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2019-14396

    API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.07
    • Published: Jul. 30, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-4527

    ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : pcm600
    • EPSS Score: %0.05
    • Published: Jun. 10, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291887 Results