Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2024-50564

    A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped.... Read more

    Affected Products : forticlient
    • Published: Jan. 14, 2025
    • Modified: Jun. 11, 2025
    • Vuln Type: Cryptography

  • 3.3

    LOW
    CVE-2024-54516

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to approve a launch daemon without user consent.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Authorization

  • 3.3

    LOW
    CVE-2020-19909

    Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated s... Read more

    Affected Products : curl
    • Published: Aug. 22, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-36086

    The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).... Read more

    Affected Products : fedora selinux
    • Published: Jul. 01, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-18442

    Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file".... Read more

    Affected Products : fedora debian_linux zziplib zziplib
    • Published: Jun. 18, 2021
    • Modified: Jul. 10, 2025

  • 3.3

    LOW
    CVE-2021-32680

    Nextcloud Server is a Nextcloud package that handles data storage. In versions priot to 19.0.13, 20.0.11, and 21.0.3, Nextcloud Server audit logging functionality wasn't properly logging events for the unsetting of a share expiration date. This event is s... Read more

    Affected Products : fedora nextcloud_server notes
    • Published: Jul. 12, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-3655

    A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.... Read more

    • Published: Aug. 05, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-26342

    In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to ... Read more

    • Published: May. 11, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-5498

    Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5499.... Read more

    Affected Products : database_server
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2024-40838

    A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15. A malicious app may be able to access notifications from the user's device.... Read more

    Affected Products : macos
    • Published: Sep. 17, 2024
    • Modified: Mar. 24, 2025

  • 3.3

    LOW
    CVE-2016-5432

    The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.... Read more

    • Published: Oct. 03, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2024-40795

    This issue was addressed with improved data protection. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, tvOS 17.6. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Jul. 29, 2024
    • Modified: Mar. 25, 2025

  • 3.3

    LOW
    CVE-2024-3766

    A vulnerability, which was classified as problematic, has been found in slowlyo OwlAdmin up to 3.5.7. Affected by this issue is some unknown functionality of the file /admin-api/upload_image of the component Image File Upload. The manipulation of the argu... Read more

    Affected Products :
    • Published: Apr. 15, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-40830

    This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps.... Read more

    Affected Products : iphone_os ipados
    • Published: Sep. 17, 2024
    • Modified: Mar. 25, 2025

  • 3.3

    LOW
    CVE-2017-0188

    A Win32k information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the win32k component improperly provides kernel information. An attacker who success... Read more

    • Published: Apr. 12, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2024-41007

    In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCP_USER_TIMEOUT, and the other peer retracted its window to zero, tcp_retransmit_timer() can retransmit a packet every t... Read more

    Affected Products : linux_kernel
    • Published: Jul. 15, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-10183

    Virt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system... Read more

    Affected Products : enterprise_linux virt-manager
    • Published: Jul. 03, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-3764

    ** DISPUTED ** A vulnerability classified as problematic has been found in Tuya SDK up to 5.0.x. Affected is an unknown function of the component MQTT Packet Handler. The manipulation leads to denial of service. It is possible to launch the attack remotel... Read more

    Affected Products :
    • Published: Apr. 14, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-9348

    An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series ... Read more

    • Published: Feb. 13, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2024-40798

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to read Safari's browsing history.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jul. 29, 2024
    • Modified: Mar. 13, 2025
Showing 20 of 293559 Results