Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2010-4648

    The orinoco_ioctl_set_auth function in drivers/net/wireless/orinoco/wext.c in the Linux kernel before 2.6.37 does not properly implement a TKIP protection mechanism, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.23
    • Published: Jun. 21, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2017-3590

    Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 2.1.5 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructur... Read more

    • EPSS Score: %0.07
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2011-0012

    The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name.... Read more

    Affected Products : firefox spice-xpi
    • EPSS Score: %0.03
    • Published: Apr. 18, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2017-0188

    A Win32k information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the win32k component improperly provides kernel information. An attacker who success... Read more

    • EPSS Score: %5.11
    • Published: Apr. 12, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2017-1088

    In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, the kernel does not properly clear the memory of the kld_file_stat structure before filling the data. Since the structure filled by the k... Read more

    Affected Products : freebsd
    • EPSS Score: %0.08
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2021-30908

    An authentication issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A local attacker may be able to view the previous logged-in user’s desktop from the fast user switching screen.... Read more

    Affected Products : macos
    • EPSS Score: %0.05
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-37376

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ma... Read more

    Affected Products : windows pdf_editor pdf_reader
    • EPSS Score: %0.84
    • Published: Mar. 29, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-5985

    lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.... Read more

    Affected Products : lxc
    • EPSS Score: %0.09
    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2022-32913

    The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is cu... Read more

    Affected Products : macos iphone_os tvos watchos
    • EPSS Score: %0.05
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 3.3

    LOW
    CVE-2020-24512

    Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    • EPSS Score: %0.05
    • Published: Jun. 09, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2007-5207

    guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file.... Read more

    Affected Products : guilt
    • EPSS Score: %0.03
    • Published: Oct. 04, 2007
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2012-3378

    The register_application function in atk-adaptor/bridge.c in GNOME at-spi2-atk 2.5.2 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink ... Read more

    Affected Products : at-spi2-atk
    • EPSS Score: %0.06
    • Published: Aug. 31, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-4366

    Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model F9K1104v1, N450 Model F9K1105V2, and N300 Model F7D2301v1 generate a predictable default WPA2-PSK passphrase based on eight digits of the WAN MAC address, which allows remote attackers to acces... Read more

    • EPSS Score: %7.87
    • Published: Nov. 20, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2020-3959

    VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.1.0) and VMware Fusion (11.x before 11.1.0) contain a memory leak vulnerability in the VMCI module. A malicious actor with local non-admi... Read more

    Affected Products : workstation esxi fusion
    • EPSS Score: %0.10
    • Published: May. 29, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2014-7156

    The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service (g... Read more

    Affected Products : xen
    • EPSS Score: %0.80
    • Published: Oct. 02, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2017-3498

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where So... Read more

    Affected Products : solaris solaris
    • EPSS Score: %0.07
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2024-40798

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to read Safari's browsing history.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jul. 29, 2024
    • Modified: Mar. 13, 2025

  • 3.3

    LOW
    CVE-2022-32296

    The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.03
    • Published: Jun. 05, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-5081

    Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files.... Read more

    • EPSS Score: %0.02
    • Published: Oct. 27, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2009-5081

    The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) contrib/groffer/perl/roff2.pl scripts in GNU troff (aka groff) 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it... Read more

    Affected Products : groff
    • EPSS Score: %0.11
    • Published: Jun. 30, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 291593 Results