Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2018-4322

    This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.05
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-11470

    Zoom Client for Meetings through 4.6.8 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting... Read more

    Affected Products : meetings
    • EPSS Score: %0.07
    • Published: Apr. 01, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-4591

    IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. IBM X-Force ID: 184746.... Read more

    • EPSS Score: %0.02
    • Published: Aug. 28, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-2876

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to ... Read more

    Affected Products : leap vm_virtualbox
    • EPSS Score: %0.07
    • Published: Jul. 23, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-2875

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to ... Read more

    Affected Products : leap vm_virtualbox
    • EPSS Score: %0.07
    • Published: Jul. 23, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-3538

    Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log.... Read more

    • EPSS Score: %0.19
    • Published: Jan. 04, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-3826

    Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392.... Read more

    Affected Products : wireshark
    • EPSS Score: %1.20
    • Published: Jun. 30, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2011-1676

    mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations.... Read more

    Affected Products : util-linux util-linux
    • EPSS Score: %0.10
    • Published: Apr. 10, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2024-27799

    This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8. An unprivileged app may be able to log keystrokes in other apps including tho... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jun. 10, 2024
    • Modified: Mar. 13, 2025

  • 3.3

    LOW
    CVE-2013-2102

    The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics service with no authentication when a JGroups channel is started, which allows remote attackers to obtain sensitive information (diagnostics) by accessing the s... Read more

    • EPSS Score: %0.16
    • Published: Oct. 28, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2006-1247

    rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : aix
    • EPSS Score: %0.03
    • Published: Apr. 19, 2006
    • Modified: Apr. 03, 2025

  • 3.3

    LOW
    CVE-2007-3921

    gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : gforge
    • EPSS Score: %0.04
    • Published: Nov. 08, 2007
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2022-3629

    A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. ... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.03
    • Published: Oct. 21, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-3825

    Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than C... Read more

    Affected Products : wireshark
    • EPSS Score: %2.05
    • Published: Jun. 30, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2025-23288

    NVIDIA GPU Display Driver for Windows contains a vulnerability  where an attacker may cause an exposure of sensitive system information with local unprivileged system access. A successful exploit of this vulnerability may lead to Information disclosure.... Read more

    Affected Products :
    • Published: Aug. 02, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2025-20233

    In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the `chmod` and `makedirs` Python functions in a way that resulted in overly broad read and execute permissions. This could lead to improper access control for a low-... Read more

    • Published: Mar. 26, 2025
    • Modified: Aug. 01, 2025
    • Vuln Type: Authorization

  • 3.3

    LOW
    CVE-2025-21023

    Improper access control in WcsExtension for Galaxy Watch prior to Android Watch 16 allows local attackers to access sensitive information.... Read more

    Affected Products :
    • Published: Aug. 06, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 3.3

    LOW
    CVE-2025-0245

    Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been be bypassed. This vulnerability affects Firefox < 134.... Read more

    Affected Products : firefox
    • Published: Jan. 07, 2025
    • Modified: Apr. 03, 2025
    • Vuln Type: Authentication

  • 3.3

    LOW
    CVE-2015-8034

    The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.... Read more

    Affected Products : salt
    • EPSS Score: %0.04
    • Published: Jan. 30, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2015-3787

    The Bluetooth subsystem in Apple OS X before 10.10.5 allows remote attackers to cause a denial of service via malformed Bluetooth ACL packets.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.30
    • Published: Aug. 16, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 292189 Results