Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2022-20528

    In findParam of HevcUtils.cpp there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: A... Read more

    Affected Products : android
    • Published: Dec. 16, 2022
    • Modified: Apr. 18, 2025

  • 3.3

    LOW
    CVE-2024-0217

    A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region c... Read more

    Affected Products : enterprise_linux fedora packagekit
    • Published: Jan. 03, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-39850

    Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.... Read more

    Affected Products : android dex
    • Published: Oct. 07, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-5292

    Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an information leak vulnerability. Due to improper function error r... Read more

    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-50092

    In the Linux kernel, the following vulnerability has been resolved: net: netconsole: fix wrong warning A warning is triggered when there is insufficient space in the buffer for userdata. However, this is not an issue since userdata will be sent in the n... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 13, 2024

  • 3.3

    LOW
    CVE-2013-6124

    The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by... Read more

    Affected Products : android-msm
    • Published: Aug. 31, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2025-43708

    VisiCut 2.1 allows stack consumption via an XML document with nested set elements, as demonstrated by a java.util.HashMap StackOverflowError when reference='../../../set/set[2]' is used, aka an "insecure deserialization" issue.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: XML External Entity

  • 3.3

    LOW
    CVE-2011-4116

    _is_safe in the File::Temp module for Perl does not properly handle symlinks.... Read more

    Affected Products : file\
    • Published: Jan. 31, 2020
    • Modified: Aug. 04, 2025

  • 3.3

    LOW
    CVE-2017-1086

    In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, not all information in the struct ptrace_lwpinfo is relevant for the state of any thread, and the kernel does not fill the irrelevant byt... Read more

    Affected Products : freebsd
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2015-7758

    Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesi... Read more

    Affected Products : leap opensuse gummi
    • Published: Jan. 08, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2017-10095

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Solar... Read more

    Affected Products : solaris solaris
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2019-2708

    Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege wi... Read more

    Affected Products : berkeley_db
    • Published: Apr. 23, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2014-3917

    kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large va... Read more

    • Published: Jun. 05, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2014-1208

    VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid por... Read more

    Affected Products : player workstation esxi fusion esx
    • Published: Jan. 17, 2014
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2014-0244

    The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.... Read more

    Affected Products : samba
    • Published: Jun. 23, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2018-2763

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NTPD). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solari... Read more

    Affected Products : solaris solaris
    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-38205

    drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Aug. 08, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-2484

    The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.... Read more

    Affected Products : debian_linux wireshark opensuse
    • Published: Mar. 07, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2021-42323

    Azure RTOS Information Disclosure Vulnerability... Read more

    Affected Products : azure_real_time_operating_system
    • Published: Nov. 10, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-44190

    Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASL... Read more

    Affected Products : macos windows after_effects
    • Published: Sep. 07, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 293425 Results