Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2019-15415

    The Xiaomi Redmi 5 Android device with a build fingerprint of xiaomi/vince/vince:7.1.2/N2G47H/V9.5.4.0.NEGMIFA:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1711_201803291645) th... Read more

    Affected Products : redmi_5_firmware redmi_5
    • EPSS Score: %0.12
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-0453

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote attackers to affect confidentiality via vectors related to PORTAL.... Read more

    Affected Products : peoplesoft_products
    • EPSS Score: %0.36
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2013-6124

    The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by... Read more

    Affected Products : android-msm
    • EPSS Score: %0.03
    • Published: Aug. 31, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2022-30753

    Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1 allows local attackers to get the device ID without permission.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-7836

    Siemens RUGGEDCOM ROS before 4.2.1 allows remote attackers to obtain sensitive information by sniffing the network for VLAN data within the padding section of an Ethernet frame.... Read more

    Affected Products : ruggedcom_rugged_operating_system
    • EPSS Score: %0.27
    • Published: Oct. 28, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2022-39850

    Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.... Read more

    Affected Products : android dex
    • EPSS Score: %0.03
    • Published: Oct. 07, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-5044

    The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 Patch 11 IF3 and 7.2.x before 7.2.5 Patch 4 IF3 allows remote attackers to cause a denial of service via unspecified packets.... Read more

    • EPSS Score: %0.24
    • Published: Nov. 08, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2019-5292

    Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an information leak vulnerability. Due to improper function error r... Read more

    • EPSS Score: %0.06
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-27849

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15. An app may be able to read sensitive location information.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Oct. 30, 2024

  • 3.3

    LOW
    CVE-2016-7220

    Virtual Secure Mode in Microsoft Windows 10 allows local users to obtain sensitive information via a crafted application, aka "Virtual Secure Mode Information Disclosure Vulnerability."... Read more

    Affected Products : windows_10
    • EPSS Score: %1.46
    • Published: Nov. 10, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2020-8908

    A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, o... Read more

    • EPSS Score: %0.07
    • Published: Dec. 10, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-42931

    Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox ... Read more

    Affected Products : firefox
    • EPSS Score: %0.03
    • Published: Dec. 22, 2022
    • Modified: Apr. 15, 2025

  • 3.3

    LOW
    CVE-2022-42903

    Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the organization users list.... Read more

    Affected Products : manageengine_supportcenter_plus
    • EPSS Score: %0.05
    • Published: Nov. 17, 2022
    • Modified: Apr. 30, 2025

  • 3.3

    LOW
    CVE-2022-41954

    MPXJ is an open source library to read and write project plans from a variety of file formats and databases. On Unix-like operating systems (not Windows or macos), MPXJ's use of `File.createTempFile(..)` results in temporary files being created with the p... Read more

    Affected Products : mpxj
    • EPSS Score: %0.02
    • Published: Nov. 25, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-6349

    The machinectl command in oci-register-machine allows local users to list running containers and possibly obtain sensitive information by running that command.... Read more

    Affected Products : oci-register-machine
    • EPSS Score: %0.13
    • Published: Mar. 29, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2012-3581

    Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vectors.... Read more

    Affected Products : messaging_gateway
    • EPSS Score: %0.15
    • Published: Aug. 29, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-4293

    plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (a... Read more

    Affected Products : wireshark sunos opensuse
    • EPSS Score: %0.97
    • Published: Aug. 16, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-4291

    The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.... Read more

    • EPSS Score: %0.90
    • Published: Aug. 16, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2019-2708

    Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege wi... Read more

    Affected Products : berkeley_db
    • EPSS Score: %1.28
    • Published: Apr. 23, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2014-3917

    kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large va... Read more

    • EPSS Score: %0.09
    • Published: Jun. 05, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 291647 Results