Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2021-39628

    In StatusBar.java, there is a possible disclosure of notification content on the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed fo... Read more

    Affected Products : android
    • EPSS Score: %0.05
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-35005

    This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ... Read more

    Affected Products : teamviewer
    • EPSS Score: %0.05
    • Published: Jan. 24, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-9757

    Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interacti... Read more

    Affected Products : power_pdf
    • Published: Nov. 22, 2024
    • Modified: Nov. 26, 2024

  • 3.3

    LOW
    CVE-2022-0131

    Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app.... Read more

    Affected Products : jimoty
    • EPSS Score: %0.05
    • Published: Jan. 17, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-14328

    A flaw was found in Ansible Tower in versions before 3.7.2. A Server Side Request Forgery flaw can be abused by supplying a URL which could lead to the server processing it connecting to internal services or exposing additional internal services and more ... Read more

    Affected Products : ansible_tower
    • EPSS Score: %0.04
    • Published: May. 27, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-10698

    A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the stdout of the executed jobs which are run from other organizations. Some sensible data can be disclosed. However, critical data should not be disclosed, as it ... Read more

    Affected Products : ansible_tower
    • EPSS Score: %0.04
    • Published: May. 27, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-32944

    Path traversal vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product installs a crafted UTAU voicebank installer (.uar file, .zip file) to UTAU, an arbitrary file may be placed.... Read more

    Affected Products :
    • Published: May. 28, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-25403

    Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component.... Read more

    Affected Products : android account
    • EPSS Score: %0.06
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-2375

    An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was addressed through improved logic. This issue is fixed in iOS 10.2.1. Updates for CallKit call history are sent to iCloud.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.06
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-13599

    Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect Default Permissions (CWE-276). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q... Read more

    Affected Products : zephyr
    • EPSS Score: %0.04
    • Published: May. 25, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-0995

    In registerSuggestionConnectionStatusListener of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-0983

    In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible disclosure of information about installed device/profile owner package name due to side channel information disclosure. This could lead to local information disclosure wit... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-14329

    A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can be exposed from the /api/v2/labels/ endpoint. This flaw allows users from other organizations in the system to retrieve any label from the organization and ... Read more

    Affected Products : ansible_tower
    • EPSS Score: %0.04
    • Published: May. 27, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-0481

    In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile() is used in the FileBodyHandler class which creates temp files with insecure permissions that could be read by a local user.... Read more

    Affected Products : quarkus
    • EPSS Score: %0.03
    • Published: Feb. 24, 2023
    • Modified: Mar. 12, 2025

  • 3.3

    LOW
    CVE-2018-16252

    FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML External Entity Injection.... Read more

    Affected Products : event_log_explorer
    • EPSS Score: %0.92
    • Published: Sep. 05, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-12445

    An issue was discovered in the com.dropbox.android application 98.2.2 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with... Read more

    Affected Products : dropbox
    • EPSS Score: %0.05
    • Published: Jun. 20, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-21436

    Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID.... Read more

    Affected Products : android android dex
    • EPSS Score: %0.09
    • Published: Feb. 09, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-25823

    Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741 allows attackers to access user information in log.... Read more

    Affected Products : galaxy_watch_plugin
    • EPSS Score: %0.06
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-0990

    In getDeviceId of PhoneSubInfoController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional exec... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-18900

    A heap-based buffer overflow in the libexe_io_handle_read_coff_optional_header function of libyal libexe before 20181128. NOTE: the vendor has disputed this as described in libyal/libexe issue 1 on GitHub... Read more

    Affected Products : libexe
    • EPSS Score: %0.05
    • Published: Aug. 19, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291909 Results