Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2019-9377

    In FingerprintService, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. This could lead to a local information disclosure of metadata about the biometrics of another ... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-10433

    Jenkins Dingding[钉钉] Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.... Read more

    Affected Products : dingding
    • EPSS Score: %0.02
    • Published: Oct. 01, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-9280

    In keyguard, there is a possible escalation of privilege due to improper permission checks. This could lead to a local bypass of the keyguard under limited circumstances, with User execution privileges needed. User interaction is not needed for exploitati... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-0183

    Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    • EPSS Score: %0.05
    • Published: Jun. 13, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2002-2301

    Lawson Financials 8.0, when configured to use a third party relational database, stores usernames and passwords in a world-readable file, which allows local users to read the passwords and log onto the database.... Read more

    Affected Products : lawson_financials
    • EPSS Score: %0.06
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 3.3

    LOW
    CVE-2018-25030

    A vulnerability classified as problematic has been found in Mirmay Secure Private Browser and File Manager up to 2.5. Affected is the Auto Lock. A race condition leads to a local authentication bypass. The exploit has been disclosed to the public and may ... Read more

    Affected Products : file_manager secure_private_browser
    • EPSS Score: %0.24
    • Published: Mar. 28, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-17294

    Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C0... Read more

    • EPSS Score: %0.02
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-18421

    cPanel before 66.0.2 allows demo accounts to create databases and users (SEC-271).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.06
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-18424

    In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt (SEC-274).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.07
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-11990

    We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications. An attacker who could install (or lead the victim to install) a specially crafted (or malicious) Android application would be able to a... Read more

    Affected Products : cordova
    • EPSS Score: %0.16
    • Published: Dec. 01, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-24003

    Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Skyp... Read more

    Affected Products : skype
    • EPSS Score: %0.80
    • Published: Jan. 11, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-27502

    Insertion of sensitive information into log file for some Intel(R) Local Manageability Service software before version 2316.5.1.2 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Mar. 14, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-24336

    SXF Common Library handles input data improperly. If a product using the library reads a crafted file, the product may be crashed.... Read more

    Affected Products :
    • Published: Jan. 31, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2023-40218

    An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, and 1380. An integer overflow can bypass detection of error cases via a crafted application.... Read more

    • EPSS Score: %0.01
    • Published: Sep. 12, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-49756

    Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally.... Read more

    Affected Products : 365_apps
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Cryptography

  • 3.3

    LOW
    CVE-2023-45816

    Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, there is an edge case where a bookmark reminder is sent and an unread notificat... Read more

    Affected Products : discourse
    • EPSS Score: %0.13
    • Published: Nov. 10, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-2687

    Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows user to overwrite limited structures on the heap.... Read more

    Affected Products : gecko_software_development_kit
    • EPSS Score: %0.04
    • Published: Jun. 02, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-21512

    Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission.... Read more

    Affected Products : android android dex
    • EPSS Score: %0.07
    • Published: Jun. 28, 2023
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2012-0524

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows local users to affect confidentiality and integrity via unknown vectors related to File Processing.... Read more

    Affected Products : peoplesoft_products
    • EPSS Score: %0.20
    • Published: May. 03, 2012
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2006-1285

    SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information.... Read more

    Affected Products : ghost_solutions_suite norton_ghost
    • EPSS Score: %0.07
    • Published: Mar. 19, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 291384 Results