Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2011-3574

    Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confidentiality and integrity via unknown vectors related to Calendar Server.... Read more

    Affected Products : communications_unified
    • Published: Jan. 18, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2024-27331

    PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    • Published: Apr. 01, 2024
    • Modified: Jul. 07, 2025

  • 3.3

    LOW
    CVE-2016-4527

    ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : pcm600
    • Published: Jun. 10, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2022-33726

    Unprotected dynamic receiver in Samsung Galaxy Friends prior to SMR Aug-2022 Release 1 allows attacker to launch activity.... Read more

    Affected Products : android dex
    • Published: Aug. 05, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-5355

    welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.... Read more

    Affected Products : xdiagnose
    • Published: Oct. 10, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2021-22468

    A component of the HarmonyOS has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Local attackers may exploit this vulnerability to cause kernel address leakage.... Read more

    Affected Products : harmonyos
    • Published: Oct. 28, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-24366

    Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0 for Android via application backups.... Read more

    Affected Products : youtrack
    • Published: Nov. 16, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-20556

    In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for the guest user to add a new WiFi network due to a missing permission check. This could lead to local escalation of privilege with no additional execution privil... Read more

    Affected Products : android
    • Published: Dec. 16, 2022
    • Modified: Apr. 18, 2025

  • 3.3

    LOW
    CVE-2023-32464

    Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and ... Read more

    • Published: Jun. 23, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-4773

    ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in cloudsync. Affected by this vulnerability is the function getItem of the file src/main/java/cloudsync/connector/LocalFilesystemConnector.java. The manipulation leads to... Read more

    Affected Products : cloudsync
    • Published: Dec. 28, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-0988

    In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local informatio... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-5037

    The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages.... Read more

    • Published: Dec. 30, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2020-4345

    IBM i 7.2, 7.3, and 7.4 users running complex SQL statements under a specific set of circumstances may allow a local user to obtain sensitive information that they should not have access to. IBM X-Force ID: 178318.... Read more

    Affected Products : i i
    • Published: May. 17, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-39906

    Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information.... Read more

    Affected Products : android dex
    • Published: Dec. 08, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-20944

    cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353).... Read more

    Affected Products : cpanel
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-0707

    The agent in Apache Ambari before 2.1.2 uses weak permissions for the (1) /var/lib/ambari-agent/data and (2) /var/lib/ambari-agent/keys directories, which allows local users to obtain sensitive information by reading files in the directories.... Read more

    Affected Products : ambari
    • Published: May. 18, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2020-25779

    Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved websites list of Trend Micro Antivirus for Mac to bypass the w... Read more

    Affected Products : antivirus
    • Published: Oct. 13, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-20977

    Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.... Read more

    Affected Products : notes
    • Published: May. 07, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2021-0978

    In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-6371

    The WPA2 implementation on the Belkin N900 F9K1104v1 router establishes a WPS PIN based on 6 digits of the LAN/WLAN MAC address, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading broadcast packets, a different vulne... Read more

    Affected Products : n900_wireless_router
    • Published: Dec. 31, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 292820 Results